Enhancement: cves/2015/CVE-2015-4050.yaml by mp

2022-06-08 10:14:12 -04:00 · 2022-06-08 10:14:12 -04:00 · bf5832d627
parent be22b0fe51
commit bf5832d627
1 changed files with 5 additions and 3 deletions
--- a/cves/2015/CVE-2015-4050.yaml
+++ b/cves/2015/CVE-2015-4050.yaml
@ -1,15 +1,15 @@
 id: CVE-2015-4050
 info:
-  name: ESI unauthorized access
+  name: Symfony - Authentication Bypass
  author: ELSFA7110,meme-lord
  severity: high
-  description: FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment.
+  description: Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment in the HttpKernel component.
  reference:
    - https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access
    - https://nvd.nist.gov/vuln/detail/CVE-2015-4050
    - http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access
    - http://www.debian.org/security/2015/dsa-3276
    -     - https://nvd.nist.gov/vuln/detail/CVE-2015-4050
  classification:
    cve-id: CVE-2015-4050
  tags: cve,cve2015,symfony,rce
@ -29,3 +29,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/06/08