{"id":2483,"date":"2021-01-11T11:25:59","date_gmt":"2021-01-11T16:25:59","guid":{"rendered":"https:\/\/cert.pa\/?p=2483"},"modified":"2023-01-24T09:55:44","modified_gmt":"2023-01-24T14:55:44","slug":"csirt-panama-aviso-2021-01-11-php-actualizacion-de-vulnerabilidades-obtenidas-de-php","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=2483","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2021-01-11 PHP: Actualizaci\u00f3n de vulnerabilidades obtenidas de PHP."},"content":{"rendered":"\n<p>Gravedad: Alta&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<p>Fecha de publicaci\u00f3n: Enero 11, 2021<br>\n\u00daltima revisi\u00f3n: Enero 11, 2021<br>\nPortal: https:\/\/www.php.net\/<\/p>\n\n\n\n<p>Sistemas Afectados: Diversas vulnerabilidades que afectan a PHP en las Versiones de la 7.3 a la 7.4.13. <\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Descripci\u00f3n<\/strong><\/li><\/ol>\n\n\n\n<p>Actualizaci\u00f3n de vulnerabilidades que afectan a\ndiversas versiones de PHP. <\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Impacto<\/strong><\/li><\/ol>\n\n\n\n<p>Vulnerabilidad: CVE\u20112020\u20117071<\/p>\n\n\n\n<p>Esta vulnerabilidad permite a un atacante remoto el evadir las restricciones de seguridad implementadas. La vulnerabilidad existe debido a una validaci\u00f3n insuficiente de las URL efectuadas a trav\u00e9s de la configuraci\u00f3n \u00abFILTER_VALIDATE_URL\u00bb.<\/p>\n\n\n\n<p><strong>III. Referencia a soluciones, herramientas e\ninformaci\u00f3n<\/strong><strong><\/strong><\/p>\n\n\n\n<p>Actualizaci\u00f3n de los recursos PHP el siguiente enlace: https:\/\/www.php.net\/downloads.php<\/p>\n\n\n\n<p><strong>Informaci\u00f3n de contacto<\/strong><br>\nCSIRT PANAMA<br>\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion\nGubernamental<br>\nE-Mail: info@cert.pa<br>\nPhone: +507 520-CERT (2378)<br>\nWeb: https:\/\/cert.pa<br>\nTwitter: @CSIRTPanama<br>\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gravedad: Alta&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Fecha de publicaci\u00f3n: Enero 11, 2021 \u00daltima revisi\u00f3n: Enero 11, 2021 Portal: https:\/\/www.php.net\/ Sistemas Afectados: Diversas vulnerabilidades que afectan a PHP en las Versiones de la 7.3 a la 7.4.13. Descripci\u00f3n Actualizaci\u00f3n de&#8230;<\/p>\n","protected":false},"author":3,"featured_media":1532,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2483","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2483","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2483"}],"version-history":[{"count":6,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2483\/revisions"}],"predecessor-version":[{"id":2489,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2483\/revisions\/2489"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/1532"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2483"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2483"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2483"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}