VDB
CVE-2023-51651
CVE-2023-51651
PUBLISHED
CVSS 6 MEDIUM
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer component of the AWS SDK for PHP v3 prior to 3.288.1. The `buildEndpoint` method relies on the Guzzle Psr7 UriResolver utility, which strips dot segments from the request path in accordance with RFC 3986. Under certain conditions, this could lead to an arbitrary object being accessed. This issue has been patched in version 3.288.1.
EPSS 0.11% · 29.0th percentile
Risk Scores
CVSS v3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.11%
29.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| aws | aws-sdk-php | 0, 0 |
| amazon | aws_software_development_kit | 0, 0 |
| aws | aws-sdk-php | >= 3.0.0, < 3.288.1, * |
Timeline
- Jan 21, 1970 Security Advisory
- Dec 21, 2023 CVE Published
- Dec 22, 2023 CVE Updated
- Dec 22, 2023 PoC Published
- Dec 23, 2023 EPSS Score
- Jan 21, 2024 EPSS Score
- Feb 19, 2024 EPSS Score
- Mar 19, 2024 EPSS Score
- Apr 16, 2024 EPSS Score
- May 15, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 12, 2024 EPSS Score
References
- https://github.com/aws/aws-sdk-php/security/advisories/GHSA-557v-xcg6-rm5m url
- https://github.com/aws/aws-sdk-php/commit/aebc9f801438746ac4ade327551576cb75f635f2 url
- https://github.com/aws/aws-sdk-php/releases/tag/3.288.1 url
- https://nvd.nist.gov/vuln/detail/CVE-2023-51651 advisory
- https://github.com/FriendsOfPHP/security-advisories/blob/master/aws/aws-sdk-php/CVE-2023-51651.yaml url
- https://github.com/aws/aws-sdk-php package