CVE-2021-37704 Scanner
Detects 'Information Disclosure' vulnerability in PhpFastCache affects v. before 6.1.5, 7.1.2, and 8.0.7.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Parent Category
CVE-2021-37704 Scanner Detail
PhpFastCache is a high-performance backend cache system widely used by developers for its efficiency and speed. It offers caching solutions for multiple platforms and databases, and can improve web page loading performance by storing frequently used data or objects in memory for quick retrieval. With its simple API and easy-to-use interface, PhpFastCache is a popular choice for website optimization and database performance enhancement.
Recently, a vulnerability known as CVE-2021-37704 has been discovered in certain versions of PhpFastCache. More specifically, versions prior to 6.1.5, 7.1.2, and 8.0.7 are vulnerable to this security issue. This vulnerability is particularly dangerous as it can expose sensitive information about the system, including the phpinfo() file to attackers. This file contains extensive information about the server configuration, PHP version and installed extensions, potentially enabling attackers to better target their attacks.
If exploited, CVE-2021-37704 can lead to serious security threats, such as leaking server-side information, leading to a possible remote code execution, which allows an attacker to execute arbitrary code on the server. This means that attackers could take full control over the web server, leading to potentially disastrous consequences for the website, its users, and the organization that operates it.
In conclusion, vulnerabilities such as CVE-2021-37704 are a serious threat to organizations and their digital assets. However, with the pro features of securityforeveryone.com platform, individuals and organizations can stay informed about security issues affecting their systems and take action to mitigate against potential risks. With the right security measures in place, developers can continue to enjoy the speed and efficiency of PhpFastCache without putting their systems or users in danger.
REFERENCES
- https://github.com/PHPSocialNetwork/phpfastcache/blob/master/CHANGELOG.md#807
- https://github.com/PHPSocialNetwork/phpfastcache/commit/41a77d0d8f126dbd6fbedcd9e6a82e86cdaafa51
- https://github.com/PHPSocialNetwork/phpfastcache/pull/813
- https://github.com/PHPSocialNetwork/phpfastcache/pull/814
- https://github.com/PHPSocialNetwork/phpfastcache/pull/815
- https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-cvh5-p6r6-g2qc
- https://github.com/flextype/flextype/issues/567
- https://packagist.org/packages/phpfastcache/phpfastcache
control security posture