N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-6xch-2vxx-5pvr

EPSS Score

CWE

CWE-670

Published

5/15/2024

Updated

5/15/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-6xch-2vxx-5pvr

GHSA-6xch-2vxx-5pvr: eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud)

The recommended Apache/Nginx virtual host configuration for eZ Platform includes a rewrite rule for blocking access to executable files in the var directory. This rule does not work when using eZ Platform Cloud (i.e. running eZ Platform on the Platform.sh cloud service).

The consequence of this is that in such a setup, those executable files may be downloadable. They will not be executable, unless you have specifically configured platform.sh to allow that (which you really should not do). The severity of the download access is limited, but it's better if the platform.sh cloud setup works the same way as regular eZ Platform does. All platform.sh setups are affected.

The fix adds a rule to the .platform.app.yaml configuration file, with the same effect as the rewrite rule already mentioned. After applying the fix, any attempt to access such files will fail with Access Denied. This security update is distributed via Composer as ezsystems/ezplatform 1.7.9.1, and 1.13.5.1, and 2.5.4. This is the commit: https://github.com/ezsystems/ezplatform/commit/773dddc0d8fe4fda34d2153a401eeaa6cc30b1ff

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-6xch-2vxx-5pvr

EPSS Score

CWE

CWE-670

Published

5/15/2024

Updated

5/15/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
ezsystems/ezplatform	composer	>= 2.5.0, < 2.5.4	2.5.4
ezsystems/ezplatform	composer	>= 1.13.0, < 1.13.5.1	1.13.5.1
ezsystems/ezplatform	composer	>= 1.7.0, < 1.7.9.1	1.7.9.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from missing security rules in the Platform.sh configuration (.platform.app.yaml), not from specific code functions. The issue occurs because the web server configuration that blocks executable file access (via Apache/Nginx rewrite rules) was not properly implemented in Platform.sh environments. The fix adds a platform.sh-specific rule configuration but does not modify any application code functions. The vulnerability is configuration-related rather than stemming from insecure code functions. There are no specific PHP functions in the application codebase that can be identified as vulnerable based on the provided information.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** r**omm*n*** *p****/N*inx virtu*l *ost *on*i*ur*tion *or *Z Pl*t*orm in*lu**s * r*writ* rul* *or *lo*kin* ****ss to *x**ut**l* *il*s in t** v*r *ir**tory. T*is rul* *o*s not work w**n usin* *Z Pl*t*orm *lou* (i.*. runnin* *Z Pl*t*orm on t** Pl*t*o

Reasoning

T** vuln*r**ility st*ms *rom missin* s**urity rul*s in t** `Pl*t*orm.s*` *on*i*ur*tion (.pl*t*orm.*pp.y*ml), not *rom sp**i*i* *o** *un*tions. T** issu* o**urs ****us* t** w** s*rv*r *on*i*ur*tion t**t *lo*ks *x**ut**l* *il* ****ss (vi* *p****/N*inx

N/A

Basic Information

Concerned about an active attack path?

GHSA-6xch-2vxx-5pvr: eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud)

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI