CVE-2026-30662
Denial of Service in ConcreteCMS File Manager via Memory Exhaustion
Publication date: 2026-03-24
Last updated on: 2026-03-24
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| concretecms | concrete_cms | 9.4.7 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the File Manager component of ConcreteCMS version 9.4.7. Specifically, the 'download' method in 'concrete/controllers/backend/file.php' mishandles memory when building zip archives: it calls 'ZipArchive::addFromString' on the result of 'file_get_contents', so the entire content of every selected file is loaded into PHP memory at once.
An authenticated attacker can exploit this by requesting a bulk download of large files, driving the PHP process out of memory (an Out-Of-Memory condition). The PHP-FPM worker then terminates unexpectedly (SIGSEGV) and the web server responds with a 500 error.
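To make the memory issue concrete, the following is an added PHP illustration (not ConcreteCMS code and not the patch for this CVE) that places the pattern the description names, 'file_get_contents' fed into 'ZipArchive::addFromString', beside a version that hands 'ZipArchive::addFile' a path so libzip reads the data from disk when the archive is written, and that rejects a request whose total size exceeds a fixed budget. The function names, the 512 MiB limit and the temporary files are assumptions made for the example; only the ZipArchive, filesize and file_get_contents calls are real PHP APIs.

```php
<?php
// Added illustration, not ConcreteCMS code. Function names and the size
// budget are assumptions for this example; the ZipArchive calls are real.

// Pattern described in the advisory: each selected file is read fully into
// a PHP string before being added, so peak memory grows with the sum of all
// selected file sizes and can exceed memory_limit on a bulk download.
function zipFilesInMemory(array $paths, string $zipPath): void
{
    $zip = new ZipArchive();
    if ($zip->open($zipPath, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== true) {
        throw new RuntimeException("cannot create $zipPath");
    }
    foreach ($paths as $path) {
        // file_get_contents() loads the whole file into PHP memory
        $zip->addFromString(basename($path), file_get_contents($path));
    }
    $zip->close();
}

// Hardened pattern: check the total size up front against a budget, then
// register each file by path; libzip reads the bytes at close() time
// through its own bounded buffers instead of a PHP string per file.
const MAX_BULK_DOWNLOAD_BYTES = 512 * 1024 * 1024; // assumed limit for the example

function zipFilesStreamed(array $paths, string $zipPath): void
{
    $total = 0;
    foreach ($paths as $path) {
        if (!is_file($path)) {
            throw new InvalidArgumentException("not a regular file: $path");
        }
        $total += filesize($path);
        if ($total > MAX_BULK_DOWNLOAD_BYTES) {
            throw new LengthException('bulk download exceeds the configured size budget');
        }
    }

    $zip = new ZipArchive();
    if ($zip->open($zipPath, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== true) {
        throw new RuntimeException("cannot create $zipPath");
    }
    foreach ($paths as $path) {
        // addFile() records the source path; no copy of the content is held in PHP
        $zip->addFile($path, basename($path));
    }
    $zip->close();
}

// Demonstration on constructed input: two small temporary files.
$dir = sys_get_temp_dir();
$a = tempnam($dir, 'zipdemo');
$b = tempnam($dir, 'zipdemo');
file_put_contents($a, str_repeat('A', 1024));
file_put_contents($b, str_repeat('B', 2048));

$out = $dir . '/bulk-download-demo.zip';
zipFilesStreamed([$a, $b], $out);
echo 'archive written: ', filesize($out), " bytes\n";

unlink($a);
unlink($b);
unlink($out);
```

The size budget is the part a defender controls regardless of how the archive is built: even with streaming, an unbounded bulk download still ties up a worker and disk for as long as the archive takes to write, so a cap tied to the deployment's memory_limit and request time limits is the check to add alongside the streaming call.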
How can this vulnerability impact me?
The impact of this vulnerability is a Denial of Service (DoS) condition. An attacker with authentication can cause the web server to crash or become unresponsive by triggering an Out-Of-Memory condition through bulk downloading large files.
This results in the PHP-FPM process terminating and the server returning 500 errors, which disrupts normal service availability and can affect users' ability to access or use the File Manager component.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know