CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning trusted projects.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/snyk/snyk-php-plugin/releases/tag/v1.10.0	Release Notes

Configurations

Configuration 1 (hide)

cpe:2.3:a:snyk:snyk_cli:*:*:*:*:*:*:*:*

History

30 Oct 2024, 14:54

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : 9.8
First Time		Snyk Snyk snyk Cli
References	~~() https://github.com/snyk/snyk-php-plugin/releases/tag/v1.10.0 -~~	() https://github.com/snyk/snyk-php-plugin/releases/tag/v1.10.0 - Release Notes
CPE		cpe:2.3:a:snyk:snyk_cli::::::::

25 Oct 2024, 12:56

Type	Values Removed	Values Added
Summary		(es) El paquete Snyk CLI anterior a la versión 1.1294.0 es vulnerable a la inyección de código al escanear un proyecto PHP que no es de confianza. La vulnerabilidad puede activarse si la prueba Snyk se ejecuta dentro del proyecto que no es de confianza debido al manejo incorrecto del nombre del directorio de trabajo actual. Snyk recomienda escanear solo proyectos de confianza.

23 Oct 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-23 19:15

Updated : 2024-10-30 14:54

NVD link : CVE-2024-48963

Mitre link : CVE-2024-48963

CVE.ORG link : CVE-2024-48963

JSON object : View

Products Affected

snyk

snyk_cli

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2024-48963", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}], "cvssMetricV40": [{"type": "Secondary", "source": "report@snyk.io", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 7.5, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-23T19:15:19.607", "references": [{"url": "https://github.com/snyk/snyk-php-plugin/releases/tag/v1.10.0", "tags": ["Release Notes"], "source": "report@snyk.io"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning trusted projects."}, {"lang": "es", "value": "El paquete Snyk CLI anterior a la versi\u00f3n 1.1294.0 es vulnerable a la inyecci\u00f3n de c\u00f3digo al escanear un proyecto PHP que no es de confianza. La vulnerabilidad puede activarse si la prueba Snyk se ejecuta dentro del proyecto que no es de confianza debido al manejo incorrecto del nombre del directorio de trabajo actual. Snyk recomienda escanear solo proyectos de confianza."}], "lastModified": "2024-10-30T14:54:53.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:snyk:snyk_cli:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "429337D2-C94B-489F-8017-E31101567FDA", "versionEndExcluding": "1.1294.0"}], "operator": "OR"}]}], "sourceIdentifier": "report@snyk.io"}