7.8

CVSS Score

Basic Information

CVE ID

CVE-2015-5723

GHSA ID

GHSA-pw5c-xqf2-6xc2

EPSS Score

CWE

Published

5/17/2022

Updated

2/5/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2015-5723

CVE-2015-5723:
Doctrine Security Misconfiguration Vulnerability

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.

(GitHub Advisory)

7.8

CVSS Score

Basic Information

CVE ID

CVE-2015-5723

GHSA ID

GHSA-pw5c-xqf2-6xc2

EPSS Score

CWE

Published

5/17/2022

Updated

2/5/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
doctrine/annotations	composer	< 1.2.7	1.2.7
doctrine/cache	composer	>= 1.4.0, < 1.4.2	1.4.2
doctrine/common	composer	< 2.4.3	2.4.3
doctrine/common	composer	>= 2.5.0-stable, < 2.5.1	2.5.1
doctrine/orm	composer	>= 2.5.0, < 2.5.1	2.5.1
doctrine/mongodb-odm	composer	< 1.0.2	1.0.2
doctrine/mongodb-odm-bundle	composer	< 3.0.1	3.0.1
zendframework/zendframework1	composer	>= 1.12.0, < 1.12.16	1.12.16
zendframework/zend-cache	composer	>= 2.5.0, < 2.5.3	2.5.3
aws/aws-sdk-php	composer	>= 3.0.0, < 3.2.1	3.2.1
doctrine/cache	composer	>= 1.0.0, < 1.3.2	1.3.2
zendframework/zend-cache	composer	>= 2.4.0, < 2.4.8	2.4.8
zendframework/zendframework	composer	>= 2.4.0, < 2.4.8	2.4.8
zfcampus/zf-apigility-doctrine	composer	>= 1.0.0, < 1.0.3	1.0.3

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from directory creation with 0777 permissions when umask=0. Key functions were identified through:

Doctrine's advisory explicitly mentioning cache directory permission fixes
Zend Framework's security notice about Filesystem adapter changes
Common patterns of cache initialization in ORM/ODM components
File operations using PHP's mkdir() with insecure defaults These functions appear in stack traces when creating cache directories/files during normal operation, which would be exploited through permission-based code injection.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*o*trin* *nnot*tions ***or* *.*.*, ***** ***or* *.*.* *n* *.*.x ***or* *.*.*, *ommon ***or* *.*.* *n* *.*.x ***or* *.*.*, ORM ***or* *.*.* or *.*.x ***or* *.*.*, Mon*o** O*M ***or* *.*.*, *n* Mon*o** O*M *un*l* ***or* *.*.* us* worl*-writ**l* p*rmiss

Reasoning

T** vuln*r**ility st*ms *rom *ir**tory *r**tion wit* **** p*rmissions w**n um*sk=*. K*y *un*tions w*r* i**nti*i** t*rou**: *. *o*trin*'s **visory *xpli*itly m*ntionin* ***** *ir**tory p*rmission *ix*s *. Z*n* *r*m*work's s**urity noti** **out *il*sys

7.8

Basic Information

Concerned about an active attack path?

CVE-2015-5723: Doctrine Security Misconfiguration Vulnerability

7.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2015-5723:
Doctrine Security Misconfiguration Vulnerability

Vulnerability Intelligence
Miggo AI