CVE-2021-3850 — Authentication Bypass by Primary Weakness in Adodb

CWE-305 — Authentication Bypass by Primary Weakness CWE-287 — Improper Authentication CWE-347 — Improper Verification of Cryptographic Signature10 documents6 sources

Severity

9.1CRITICALNVD

OSV6.1

EPSS

0.3%

top 49.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adodb Adodb Adodb Adodb-php Debian Libphp-adodb +2 more

Timeline

PublishedJan 25

Latest updateJun 10

Description

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

▶Packagistadodb/adodb-php5.21.0 — 5.21.4+1

▶CVEListV5adodb/adodb_adodbunspecified — 5.20.21

▶debiandebian/libphp-adodb< libphp-adodb 5.21.4-1 (bookworm)

▶NVDadodb_project/adodb5.20.21

Also affects: Debian Linux 9.0

Patches

Patch: github.com ↗Patch: huntr.dev ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

libphp-adodb vulnerabilities↗2024-06-10

▶

OSV

Authentication Bypass in ADOdb/ADOdb↗2022-01-27

▶

GHSA

Authentication Bypass in ADOdb/ADOdb↗2022-01-27

▶

OSV

CVE-2021-3850: Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5↗2022-01-25

▶

📋Vendor Advisories

Ubuntu

ADOdb vulnerabilities↗2024-06-10

▶

Cisco

Cisco IOS XE Software Fast Reload Vulnerabilities↗2021-03-24

▶

Debian

CVE-2021-3850: libphp-adodb - Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior...↗2021

▶

Cisco

Cisco IOS XE Software Fast Reload Vulnerabilities↗

▶

Cisco

Cisco IOS XE Software Fast Reload Vulnerabilities↗

▶