8.8

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-hq76-662x-7mw4

EPSS Score

CWE

Published

9/3/2024

Updated

9/3/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-hq76-662x-7mw4

GHSA-hq76-662x-7mw4:
Pimcore includes vulnerable PHPOffice/PhpSpreadsheet

Summary

Pimcore 10.6.x and Enterprise 10.6.x versions currently depend on PHPOffice/PhpSpreadsheet version 1.x, which has recently been identified with a security vulnerability (CVE-2024-45048). To mitigate this issue, it is recommended to update to the latest version 2.2.2. For more details, please refer to the official advisory: GHSA-ghg6-32f9-2jp7.

(GitHub Advisory)

8.8

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-hq76-662x-7mw4

EPSS Score

CWE

Published

9/3/2024

Updated

9/3/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
pimcore/data-importer	composer	< 1.8.9	1.8.9
pimcore/data-importer	composer	>= 1.9.0, < 1.9.3	1.9.3
pimcore/admin-ui-classic-bundle	composer	< 1.3.11	1.3.11
pimcore/admin-ui-classic-bundle	composer	>= 1.4.0, < 1.4.7	1.4.7
pimcore/admin-ui-classic-bundle	composer	>= 1.5.0, < 1.5.4	1.5.4
pimcore/pimcore	composer	>= 10.6.9.0, < 10.6.9.12	10.6.9.12
pimcore/pimcore	composer	>= 11.1.0.0, < 11.1.6.11	11.1.6.11

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability (CVE-2024-45048) stems from PHPOffice/PhpSpreadsheet's XML parsing logic. The XmlScanner::getEncoding function fails to properly sanitize encoding attributes using single quotes, enabling XXE. Pimcore inherits this vulnerability via its dependency on PhpSpreadsheet <1.29.1/2.2.2. The IOFactory::load method is the entry point for processing Excel files, making it a critical vulnerable function. Both functions are part of the PhpSpreadsheet library, which is included in Pimcore's affected packages (e.g., data-importer, admin-ui-classic-bundle).

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Summ*ry Pim*or* **.*.x *n* *nt*rpris* **.*.x v*rsions *urr*ntly **p*n* on P*PO**i**/P*pSpr***s***t v*rsion *.x, w*i** **s r***ntly ***n i**nti*i** wit* * s**urity vuln*r**ility (*V*-****-*****). To miti**t* t*is issu*, it is r**omm*n*** to up**t*

Reasoning

T** vuln*r**ility (*V*-****-*****) st*ms *rom P*PO**i**/P*pSpr***s***t's XML p*rsin* lo*i*. T** `XmlS**nn*r::**t*n*o*in*` *un*tion **ils to prop*rly s*nitiz* *n*o*in* *ttri*ut*s usin* sin*l* quot*s, *n**lin* XX*. Pim*or* in**rits t*is vuln*r**ility v

8.8

Basic Information

Concerned about an active attack path?

GHSA-hq76-662x-7mw4: Pimcore includes vulnerable PHPOffice/PhpSpreadsheet

Summary

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

GHSA-hq76-662x-7mw4:
Pimcore includes vulnerable PHPOffice/PhpSpreadsheet

Vulnerability Intelligence
Miggo AI