According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x priori to 7.3.32, 7.4.x prior to 7.4.25 or 8.0.x prior to 8.0.12. It is, therefore, affected by a privilege escalation vulnerability. The root FPM process can be forced to read/write at arbitrary locations using pointers located in the SHM, leading to a privilege escalation from www-data to root.
Note that the scanner has not tested for these issues but has instead relied only on the applicationβs self-reported version number.
No source data