CVE-2020-36193 vulnerability in Drupal and Other Products
Published on January 18, 2021

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

NVD

Known Exploited Vulnerability

This PEAR Archive_Tar Improper Link Resolution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.

The following remediation steps are recommended / required by September 15, 2022: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2020-36193 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

What is a Directory Traversal Vulnerability?

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

CVE-2020-36193 has been classified as a directory traversal vulnerability or weakness.

What is an Insecure Temporary File Vulnerability?

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVE-2020-36193 has been classified as an insecure temporary file vulnerability or weakness.
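The two weaknesses described above (a member name that escapes the extraction root, and a write that is resolved through a symbolic link) are what a tar extractor has to check before it writes anything. The following is an added example, not code from Archive_Tar, Drupal or this advisory: a pre-extraction audit in Python that walks the members of a constructed archive and rejects names that normalize to outside the root, links whose target resolves outside the root, and regular files whose path passes through a symlink the archive itself created earlier. All member names and link targets in the sample archive are constructed for illustration.

```python
import io
import posixpath
import tarfile


def _normalize(name):
    """Collapse '.', '..' and repeated slashes in a member name.

    Returns None when the name is absolute or escapes the extraction root.
    """
    if name.startswith("/"):
        return None
    norm = posixpath.normpath(name)
    if norm == "." or norm == ".." or norm.startswith("../"):
        return None
    return norm


def _passes_through(norm_name, symlinks):
    """True when any directory prefix of norm_name is a symlink seen earlier."""
    parts = norm_name.split("/")
    return any("/".join(parts[:i]) in symlinks for i in range(1, len(parts)))


def check_tar_members(members):
    """Audit tarfile.TarInfo members in archive order, writing nothing.

    Returns a dict of member name -> verdict string. A real extractor should
    refuse the whole archive if any member is rejected, rather than skipping
    the bad member and continuing.
    """
    verdicts = {}
    symlinks = set()  # normalized names of link members accepted so far
    for m in members:
        norm = _normalize(m.name)
        if norm is None:
            verdicts[m.name] = "rejected: path escapes extraction root"
            continue
        if _passes_through(norm, symlinks):
            # The write would be resolved through a link created by this
            # archive: the pattern behind the advisory's "write via symlink".
            verdicts[m.name] = "rejected: path goes through an archive symlink"
            continue
        if m.issym() or m.islnk():
            if m.islnk():
                # Hard link targets are archive-root relative.
                target = posixpath.normpath(m.linkname)
            else:
                # Symlink targets are relative to the link's own directory.
                target = posixpath.normpath(
                    posixpath.join(posixpath.dirname(norm), m.linkname))
            if m.linkname.startswith("/") or target == ".." or target.startswith("../"):
                verdicts[m.name] = "rejected: link target outside extraction root"
                continue
            symlinks.add(norm)
            verdicts[m.name] = "allowed (link)"
            continue
        verdicts[m.name] = "allowed"
    return verdicts


def build_sample_archive():
    """Constructed in-memory archive (not from the advisory) with five members."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("site/index.html")          # benign file
        data = b"<html></html>"
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))

        info = tarfile.TarInfo("../../etc/cron.d/job")      # traversal in the name
        tar.addfile(info, io.BytesIO(b""))

        info = tarfile.TarInfo("site/conf")                 # symlink leaving the root
        info.type = tarfile.SYMTYPE
        info.linkname = "../../../etc"
        tar.addfile(info)

        info = tarfile.TarInfo("site/link")                 # symlink staying inside
        info.type = tarfile.SYMTYPE
        info.linkname = "../outside"
        tar.addfile(info)

        info = tarfile.TarInfo("site/link/payload.txt")     # write through that symlink
        tar.addfile(info, io.BytesIO(b""))
    return buf.getvalue()


def audit_sample():
    """Run the audit over the constructed archive and return the verdicts."""
    with tarfile.open(fileobj=io.BytesIO(build_sample_archive()), mode="r:") as tar:
        return check_tar_members(tar.getmembers())


if __name__ == "__main__":
    for name, verdict in audit_sample().items():
        print(f"{name:28s} {verdict}")
```

The audit is done in archive order on purpose: whether a file write is safe depends on which links the archive has already planted, so a check that looks at each member in isolation, or only at the final filesystem state, misses the case the last two sample members show.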


Products Associated with CVE-2020-36193

You can be notified by stack.watch whenever vulnerabilities like CVE-2020-36193 are published in these products:


What versions are vulnerable to CVE-2020-36193?