CVE-2017-1000499
Published: 2018-01-03
Priority: P259 · high · CVSS 3.0: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EXPLOIT · EPSS: 8.46% (94.3rd percentile)
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | phpmyadmin | — | — |
| phpmyadmin | phpmyadmin | >= 4.7 < 4.7.7 | 4.7.7 |
| phpmyadmin | phpmyadmin | >= 4.7.0 < 4.7.7 | 4.7.7 |
Detection & IOCs (extracted from sources)
- Monitor for unexpected HTTP POST requests to phpMyAdmin endpoints originating from cross-origin referrers, which may indicate CSRF exploitation, particularly requests performing DROP, TRUNCATE, or DELETE database operations.
- Detect outbound DNS queries from the database server containing hex-encoded or plaintext credential strings followed by an attacker-controlled domain (DNS exfiltration via LOAD_FILE/CONCAT pattern).
- Alert on MySQL SELECT ... INTO OUTFILE statements writing PHP files to web-accessible directories (e.g. /var/www/html/), which indicates CSRF-driven arbitrary file write exploitation.
- Affected versions are phpMyAdmin 4.7.0 through 4.7.6; flag installations running these versions as unpatched. Versions older than 4.7.0 are not affected.
- The CSRF exploit requires the victim DB admin to have an active authenticated phpMyAdmin session at the time of exploitation; no session means no impact.
- Only phpMyAdmin 4.7.x (4.7.0–4.7.6) is affected; versions prior to 4.7.0 are explicitly listed as unaffected, so do not apply detections broadly to older installs.
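The first detection bullet above (cross-origin requests hitting phpMyAdmin endpoints, especially ones carrying DROP/TRUNCATE/DELETE) can be turned into a simple log scan. The following is an added example written for this page; it is not code from phpMyAdmin or from any of the sources listed here. It assumes Apache "combined" access-log format, that phpMyAdmin is served from `/phpmyadmin/` on the host `db-admin.example.internal`, and that the 4.x entry-point script names listed in `SENSITIVE_SCRIPTS` are the ones worth watching; the log lines are constructed for the example. Because a POST body is not in the access log, the Referer host is the main discriminator; a missing Referer is reported at lower severity since privacy settings and some clients strip it.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Deployment assumptions (adjust to the real install).
PMA_HOST = "db-admin.example.internal"
PMA_PREFIX = "/phpmyadmin/"
# phpMyAdmin 4.x scripts that execute SQL or alter schema/data (assumed list).
SENSITIVE_SCRIPTS = {"sql.php", "tbl_structure.php", "db_structure.php",
                     "tbl_operations.php", "import.php"}
DESTRUCTIVE = re.compile(r"\b(DROP|TRUNCATE|DELETE)\b", re.IGNORECASE)

# Apache combined log format: ip ident user [ts] "METHOD target proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines: one legitimate same-site POST, one cross-site GET with a
# destructive statement in the URL, one cross-site POST, a benign index hit, a
# referer-less GET, and a same-site GET that happens to contain DROP.
SAMPLE_LOG = [
    '203.0.113.5 - - [03/Jan/2018:10:00:01 +0000] "POST /phpmyadmin/sql.php HTTP/1.1" 200 5120 '
    '"https://db-admin.example.internal/phpmyadmin/db_structure.php?db=shop" "Mozilla/5.0"',
    '203.0.113.5 - - [03/Jan/2018:10:02:17 +0000] "GET /phpmyadmin/sql.php?db=shop&sql_query=DROP+TABLE+orders&token=abc HTTP/1.1" 200 880 '
    '"https://attacker-blog.example/post" "Mozilla/5.0"',
    '203.0.113.5 - - [03/Jan/2018:10:02:18 +0000] "POST /phpmyadmin/tbl_structure.php HTTP/1.1" 200 4100 '
    '"https://example.net/" "Mozilla/5.0"',
    '198.51.100.9 - - [03/Jan/2018:10:05:00 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 200 12000 '
    '"-" "Mozilla/5.0"',
    '198.51.100.9 - - [03/Jan/2018:10:05:30 +0000] "GET /phpmyadmin/sql.php?db=shop&sql_query=SELECT+1 HTTP/1.1" 200 700 '
    '"-" "Mozilla/5.0"',
    '203.0.113.5 - - [03/Jan/2018:10:06:00 +0000] "GET /phpmyadmin/sql.php?db=shop&sql_query=DROP+TABLE+tmp HTTP/1.1" 200 700 '
    '"https://db-admin.example.internal/phpmyadmin/tbl_operations.php?db=shop&table=tmp" "Mozilla/5.0"',
]


def analyze_line(line):
    """Return a finding dict for a suspicious phpMyAdmin request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = urlsplit(m["target"])
    if not target.path.startswith(PMA_PREFIX):
        return None
    script = target.path.rsplit("/", 1)[-1]
    if script not in SENSITIVE_SCRIPTS:
        return None

    referer = m["referer"]
    ref_host = None if referer in ("", "-") else urlsplit(referer).hostname
    reasons = []
    if ref_host is None:
        reasons.append("no-referer")
    elif ref_host != PMA_HOST:
        reasons.append(f"cross-site-referer:{ref_host}")
    if not reasons:
        return None  # same-site request: normal phpMyAdmin navigation

    # A destructive statement visible in the query string raises severity;
    # POST bodies are not logged, so a cross-site POST is treated as high on its own.
    sql = " ".join(parse_qs(target.query).get("sql_query", []))
    if DESTRUCTIVE.search(sql):
        reasons.append("destructive-sql-in-url")
    severity = "high" if ("destructive-sql-in-url" in reasons or m["method"] == "POST") else "medium"
    return {"ip": m["ip"], "ts": m["ts"], "method": m["method"],
            "script": script, "reasons": reasons, "severity": severity}


def scan(lines):
    """Run analyze_line over an iterable of log lines and collect findings."""
    return [f for f in (analyze_line(l) for l in lines) if f is not None]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding["severity"].upper(), finding["ip"], finding["method"],
              finding["script"], ", ".join(finding["reasons"]))
```

Run it against a real access log with `scan(open(path))`; the same-site lines (including the last sample, which contains DROP but comes from a phpMyAdmin page on the expected host) produce no finding, so the rule keys on origin rather than on SQL keywords alone.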
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| vendor_debian | — | 8.8 | LOW | — |
OSV
phpMyAdmin CSRF Vulnerability
osv · 2022-05-14 · HIGH
GHSA
phpMyAdmin CSRF Vulnerability
ghsa · 2022-05-14 · HIGH · CWE-352
Debian
CVE-2017-1000499: phpmyadmin - phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weak...
vendor_debian · 2017 · CVSS 8.8 · HIGH
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
Bugzilla
CVE-2017-1000499 phpMyAdmin: CSRF vulnerability can be used to deceive users into performing arbitrary database operations [fedora-all]
bugzilla · 2018-01-10 · CVSS 8.8 · HIGH
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Bugzilla
CVE-2017-1000499 phpMyAdmin: CSRF vulnerability can be used to deceive users into performing arbitrary database operations
bugzilla · 2018-01-10 · CVSS 8.8 · HIGH
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-1000499
https://www.phpmyadmin.net/security/PMASA-2017-9/
http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/
https://github.com/phpmyadmin/phpmyadmin/commit/edd929216ade9f7c150a262ba3db44db0fed0e1b
https://github.com/phpmyadmin/phpmyadmin/commit/72f109a99c82b14c07dcb19946ba9b76efc32a1b
Discussion:
Created phpMyAdmin trackin
Bugzilla
CVE-2017-1000499 phpMyAdmin: CSRF vulnerability can be used to deceive users into performing arbitrary database operations [epel-all]
bugzilla · 2018-01-10 · CVSS 8.8 · HIGH
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
References:
http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/
http://www.securitytracker.com/id/1040163
https://www.exploit-db.com/exploits/45284/
https://www.phpmyadmin.net/security/PMASA-2017-9/