Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Doctrine Security Misconfiguration Vulnerability

🗓️ 17 May 2022 03:44:28Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 19 Views

Doctrine security misconfiguration vulnerability in versions prior to 1.2.7, 1.3.2, 1.4.2, 2.4.3, 2.5.1, 2.4.8, and 1.0.2 allows local users to execute arbitrary PHP code with additional privileges

Related
Detection
Refs
ReporterTitlePublishedViews
Family
CNVD		Multiple Zend Products Local Lift Vulnerability
5 Nov 201500:00
cnvd
CVE		CVE-2015-5723
7 Jun 201614:00
cve
Cvelist		CVE-2015-5723
7 Jun 201614:00
cvelist
Debian		[SECURITY] [DSA 3369-1] zendframework security update
6 Oct 201521:31
debian
Debian CVE		CVE-2015-5723
7 Jun 201614:00
debiancve
Tenable Nessus		Debian DSA-3369-1 : zendframework - security update
7 Oct 201500:00
nessus
Tenable Nessus		Fedora 21 : php-doctrine-cache-1.4.2-1.fc21 (2015-15198)
15 Sep 201500:00
nessus
Tenable Nessus		Fedora 22 : php-doctrine-cache-1.4.2-1.fc22 (2015-15199)
15 Sep 201500:00
nessus
Tenable Nessus		Fedora 23 : php-doctrine-cache-1.4.2-1.fc23 (2015-15200)
21 Sep 201500:00
nessus
Tenable Nessus		Fedora 21 : php-doctrine-annotations-1.2.7-1.fc21 (2015-15201)
15 Sep 201500:00
nessus
Rows per page
Vulners
Node
zfcampuszf-apigility-doctrineRange1.0.01.0.3composer
OR
zendframeworkzendframeworkRange2.4.02.4.8composer
OR
zendframeworkzend-cacheRange2.4.02.4.8composer
OR
doctrinecacheRange1.0.01.3.2composer
OR
awsaws-sdk-phpRange3.0.03.2.1composer
OR
zendframeworkzend-cacheRange2.5.02.5.3composer
OR
zendframeworkzendframework1Range1.12.01.12.16composer
OR
doctrinemongodb-odm-bundleRange<3.0.1composer
OR
doctrinemongodb-odmRange<1.0.2composer
OR
doctrineormRange2.5.02.5.1composer
OR
doctrinecommonRange2.5.0-stable2.5.1composer
OR
doctrinecommonRange<2.4.3composer
OR
doctrinecacheRange1.4.01.4.2composer
OR
doctrineannotationsRange<1.2.7composer
SourceLink
nvdwww.nvd.nist.gov/vuln/detail/CVE-2015-5723
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/2IUUC7HPN4XE5NNTG4MR76OC662XRZUO/
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/HPS7A54FQ2CR6PH4NDR6UIYJIRNFXW67/
frameworkwww.framework.zend.com/security/advisory/ZF2015-07
debianwww.debian.org/security/2015/dsa-3369
doctrine-projectwww.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
githubwww.github.com/aws/aws-sdk-php/releases/tag/3.2.1
frameworkwww.framework.zend.com/security/advisory/ZF2015-07
githubwww.github.com/FriendsOfPHP/security-advisories/blob/master/aws/aws-sdk-php/CVE-2015-5723.yaml
githubwww.github.com/FriendsOfPHP/security-advisories/blob/master/doctrine/cache/CVE-2015-5723.yaml
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Feb 2024 10:27Current
7.6High risk
Vulners AI Score7.6
CVSS 27.2
CVSS 37.8
EPSS0.00033
doctrinesecurity misconfigurationvulnerabilityphp codecacheworld-writable permissionslocal usersadditional privileges
19