CVE-2017-1000013 — Open Redirect in Phpmyadmin

CWE-601 — Open Redirect9 documents5 sources

Severity

6.1MEDIUMNVD

EPSS

0.2%

top 52.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpmyadmin Debian Phpmyadmin

Timeline

PublishedJul 17

Latest updateMay 14

Description

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages4 packages

▶debiandebian/phpmyadmin< phpmyadmin 4:4.6.6-1 (bookworm)

▶Packagistphpmyadmin/phpmyadmin4.6 — 4.6.6+2

▶Debianphpmyadmin/phpmyadmin< 4:4.6.6-1+3

▶NVDphpmyadmin/phpmyadmin65 versions+64

Patches

Patch: www.phpmyadmin.net ↗Patch: www.phpmyadmin.net ↗

🔴Vulnerability Details

OSV

phpMyAdmin Open Redirect↗2022-05-14

▶

GHSA

phpMyAdmin Open Redirect↗2022-05-14

▶

OSV

CVE-2017-1000013: phpMyAdmin 4↗2017-07-17

▶

📋Vendor Advisories

Debian

CVE-2017-1000013: phpmyadmin - phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness↗2017

▶

💬Community

Bugzilla

CVE-2017-1000013 CVE-2017-1000014 CVE-2017-1000015 CVE-2017-1000016 CVE-2017-1000017 CVE-2017-1000018 phpMyAdmin: various flaws [fedora-all]↗2017-01-24

▶

Bugzilla

CVE-2017-1000013 CVE-2017-1000014 CVE-2017-1000015 CVE-2017-1000016 CVE-2017-1000017 CVE-2017-1000018 phpMyAdmin4: various flaws [epel-5]↗2017-01-24

▶

Bugzilla

CVE-2017-1000013 CVE-2017-1000014 CVE-2017-1000015 CVE-2017-1000016 CVE-2017-1000017 CVE-2017-1000018 phpMyAdmin: various flaws [epel-all]↗2017-01-24

▶

Bugzilla

CVE-2017-1000013 phpMyAdmin: Open redirect↗2017-01-24

▶