CVE-2017-1000214

Published Nov 27, 2017

Last updated 7 years ago

CVSS critical 9.8

Overview

Description: GitPHP by xiphux is vulnerable to OS Command Injections
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13D41971-B5C1-4F64-BA1C-D080191F8546"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA1EB2FC-647C-4DDE-B890-D57084DA370E"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE5811AB-2EC7-4170-A748-F8697CB1BF39"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CEBDDA5-87F2-462C-9F41-39810F3F816A"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "384FB52A-0DC1-47DD-B92E-207B0407F847"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5748E5D-4F37-41E0-BA2A-10B1FEBB3C19"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "144FDAB1-0BDF-44CD-9FBF-9072EE4EC532"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F07A0D2B-338C-48F2-A7C8-78F065454042"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA70BDC3-B16D-46BE-8BCF-C874978A6D93"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4215457-A562-4C77-9C41-C4BBDE96CF37"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5775D31F-D33F-44D2-9F85-B94281D5CBF6"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D075FE60-C002-400D-963A-4298B5A833CB"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1AA07C2-9D87-4BFE-8E8D-1E176558EE91"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3DFEFBF-8F83-451E-995A-5A844CC5B13F"
          },
          {
            "criteria": "cpe:2.3:a:gitphp_project:gitphp:0.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56BC69FF-8C34-4588-AEE1-66A40E6E5015"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References