CVE-2024-3096

Source: Ubuntu CVE tracker (ubuntu.com), record UB:CVE-2024-3096
Published: Apr 16, 2024 - 12:00 a.m.

Tags: cve-2024-3096, password_verify, returns true, ato risk, pear, php-pear, xenial, unix

CVSS3: 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: REQUIRED
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: NONE
  Availability Impact: NONE

AI Score: 6.9 (Confidence: High)
EPSS: 0 (Percentile: 15.5%)

Description

In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before
8.3.5, if a password stored with password_hash() starts with a null byte
(\x00), testing a blank string as the password via password_verify() will
incorrectly return true.

Notes

Author note (leosilva): version in noble is not affected, see LP: #2061147

Affected packages

OS      OS version  Architecture  Package  Affected version                  Filename
ubuntu  14.04       noarch        php5     < any                             UNKNOWN
ubuntu  16.04       noarch        php7.0   < 7.0.33-0ubuntu0.16.04.16+esm9   UNKNOWN
ubuntu  18.04       noarch        php7.2   < 7.2.24-0ubuntu0.18.04.17+esm3   UNKNOWN
ubuntu  20.04       noarch        php7.4   < 7.4.3-4ubuntu2.22               UNKNOWN
ubuntu  22.04       noarch        php8.1   < 8.1.2-1ubuntu2.17               UNKNOWN
ubuntu  23.10       noarch        php8.2   < 8.2.10-2ubuntu2.1               UNKNOWN
ubuntu  24.04       noarch        php8.3   < 8.3.6-0maysync1                 UNKNOWN
