CVE-2017-18264Improper Privilege Management in Phpmyadmin

CWE-269Improper Privilege Management8 documents6 sources
Severity
9.8CRITICALNVD
OSV5.0
EPSS
0.3%
top 46.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
PhpmyadminDebian PhpmyadminDebian Linux
Timeline
PublishedMay 1
Latest updateMay 13

Description

An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions (e.g., version 5). This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default). This occurs because some implementations of the PHP substr function retu

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

debiandebian/phpmyadmin< phpmyadmin 4:4.6.6-2 (bookworm)
NVDphpmyadmin/phpmyadmin4.0.04.0.10.20+3
Packagistphpmyadmin/phpmyadmin4.04.0.10.20+3
Debianphpmyadmin/phpmyadmin< 4:4.6.6-2+3
Ubuntuphpmyadmin/phpmyadmin< 4:4.0.10-1ubuntu0.1+esm4+3

Also affects: Debian Linux 8.0

Patches

Patch: www.phpmyadmin.netPatch: www.phpmyadmin.net

🔴Vulnerability Details

4
GHSA
phpMyAdmin Improper Privilege Management2022-05-13
OSV
phpMyAdmin Improper Privilege Management2022-05-13
OSV
phpmyadmin vulnerabilities2021-03-16
OSV
CVE-2017-18264: An issue was discovered in libraries/common2018-05-01

📋Vendor Advisories

2
Ubuntu
phpMyAdmin vulnerabilities2021-03-16
Debian
CVE-2017-18264: phpmyadmin - An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0...2017

💬Community

1
Bugzilla
CVE-2017-18264 phpMyAdmin: Bypass $cfg['Servers'][$i]['AllowNoPassword']2017-03-31