All vulnerabilities
CVE-2019-11043 Known ransomware use
PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability
PHP — FastCGI Process Manager (FPM)
- Added to KEV catalog
- 25 March 2022
- Federal remediation due date
- 15 April 2022
- Weakness classification (CWE)
- CWE-120
CISA Description
In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-11043
More PHP Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services