4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
16.2%
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2)
php.ini-development in PHP through 5.6.7 specifies the /tmp directory,
which makes it easier for local users to conduct WSDL injection attacks by
creating a file under /tmp with a predictable filename that is used by the
get_sdl function in ext/soap/php_sdl.c.
Author | Note |
---|---|
mdeslaur | we will not be fixing this issue. In environments where this issue is problematic, we recommend setting soap.wsdl_cache_dir to another location |