This issue affects the versions of php-pear as shipped with Red Hat Enterprise Linux 6 and 7.
Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
This issue did not affect the versions of php-pear as shipped with Red Hat Enterprise Linux 5.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||8.1|
|CVSS3 Base Metrics||CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H|
Affected Packages State
|Red Hat Software Collections for Red Hat Enterprise Linux||rh-php71-php-pear||Affected|
|Red Hat Software Collections for Red Hat Enterprise Linux||rh-php70-php-pear||Affected|
|Red Hat Software Collections for Red Hat Enterprise Linux||rh-php72-php-pear||Affected|
|Red Hat Enterprise Linux 8||php-pear||Affected|
|Red Hat Enterprise Linux 7||php-pear||Affected|
|Red Hat Enterprise Linux 6||php-pear||Will not fix|
|Red Hat Enterprise Linux 5||php-pear||Not affected|
CVE description copyright © 2017, The MITRE Corporation