Vulnerability Details: CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the password_verify() function may accept some invalid Blowfish hashes as valid. If such an invalid hash ever ends up in the password database, the application may accept any password for that entry as valid.
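As an added example (not part of this record, the advisory, or PHP's own code), a PHP audit that flags stored bcrypt hashes that do not have the canonical 60-character shape, so that affected entries can be forced to reset before they are ever passed to password_verify(); the username/hash array is constructed sample data, and the second entry mimics the "salt cut short by `$`" case named in the vendor advisory.

```php
<?php
// Added example for CVE-2023-0567: audit stored bcrypt hashes for malformed
// strings. Table/column names and the sample rows below are constructed.

declare(strict_types=1);

/**
 * A well-formed bcrypt hash is exactly 60 characters:
 *   "$2" <a|b|x|y> "$" <two-digit cost 04..31> "$" <22-char salt><31-char digest>
 * The salt and digest use the bcrypt base64 alphabet [./A-Za-z0-9], so a
 * stray "$" inside the salt, or a truncated string, fails this check.
 * Assumption: the deployment only stores $2a$/$2b$/$2x$/$2y$ bcrypt hashes.
 */
function is_well_formed_bcrypt(string $hash): bool
{
    return preg_match(
        '/^\$2[abxy]\$(0[4-9]|[12][0-9]|3[01])\$[.\/A-Za-z0-9]{53}$/',
        $hash
    ) === 1;
}

/** Return [username => hash] for every row whose hash is not well formed. */
function find_malformed_bcrypt(array $rows): array
{
    $bad = [];
    foreach ($rows as $user => $hash) {
        if (!is_well_formed_bcrypt($hash)) {
            $bad[$user] = $hash;
        }
    }
    return $bad;
}

// Constructed sample rows, not taken from any real database.
$rows = [
    // genuine hash produced by the current runtime: passes the shape check
    'alice' => password_hash('correct horse battery staple', PASSWORD_BCRYPT),
    // salt cut short by a "$" after 20 characters: 59 chars, flagged
    'bob'   => '$2y$10$' . str_repeat('b', 20) . '$' . str_repeat('c', 31),
    // truncated hash: 47 chars, flagged
    'carol' => '$2y$10$' . str_repeat('d', 40),
];

foreach (find_malformed_bcrypt($rows) as $user => $hash) {
    fprintf(STDERR, "malformed hash for %s (%d chars): force a password reset\n",
        $user, strlen($hash));
}
```

The shape check is a stop-gap for finding already-stored bad entries; the fix for the verification bug itself is upgrading to PHP 8.0.28, 8.1.16 or 8.2.3 as stated above.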
Products affected by CVE-2023-0567
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Threat overview for CVE-2023-0567
- Top open port discovered on systems with this issue: 80
- IPs affected by CVE-2023-0567: 84,938
- Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2023-0567
- EPSS score: 0.06% (probability of exploitation activity in the next 30 days)
- Percentile: ~25% (the proportion of vulnerabilities scored at or below this value)
CVSS scores for CVE-2023-0567
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
8.1 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 2.8 | 5.2 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-08-01
6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 | NIST |
7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 2.5 | 5.2 | PHP Group |
CWE ids for CVE-2023-0567
- The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.
  Assigned by:
  - 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
  - nvd@nist.gov (Primary)
References for CVE-2023-0567
- https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
  "BCrypt hashes erroneously validate if the salt is cut short by `$`" (Advisory, php/php-src, GitHub). Tags: Exploit; Vendor Advisory
- https://bugs.php.net/bug.php?id=81744
  "PHP :: Sec Bug #81744 :: Password_verify() always return true with some hash". Tags: Vendor Advisory