H3-2022-0051¶

Symfony Configuration File Exposure

Description¶

The Symfony databases.yml configuration file is exposed.

Impact¶

An unauthenticated attacker can access the database credentials and gain access to all information stored in the database.

References¶

• Security Configuration Reference
• MITRE ATT&CK Technique: T1552.001: Unsecured Credentials: Credentials In Files