CVE-2016-9847
Vulnerability from cvelistv5
Published
2016-12-11 02:00
Modified
2024-08-06 02:59
Severity ?
EPSS score ?
Summary
An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94524 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security.gentoo.org/glsa/201701-32 | ||
| cve@mitre.org | https://www.phpmyadmin.net/security/PMASA-2016-58 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94524 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201701-32 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.phpmyadmin.net/security/PMASA-2016-58 | Patch, Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.phpmyadmin.net/security/PMASA-2016-58"
},
{
"name": "94524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94524"
},
{
"name": "GLSA-201701-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-32"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user\u0027s blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.phpmyadmin.net/security/PMASA-2016-58"
},
{
"name": "94524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94524"
},
{
"name": "GLSA-201701-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-32"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user\u0027s blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.phpmyadmin.net/security/PMASA-2016-58",
"refsource": "CONFIRM",
"url": "https://www.phpmyadmin.net/security/PMASA-2016-58"
},
{
"name": "94524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94524"
},
{
"name": "GLSA-201701-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-32"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9847",
"datePublished": "2016-12-11T02:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-08-06T02:59:03.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9847\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-12-11T02:59:44.553\",\"lastModified\":\"2024-11-21T03:01:52.197\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user\u0027s blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en phpMyAdmin. Cuando el usuario no especifica una clave blowfish_secret para cifrar las cookies, phpMyAdmin genera una en tiempo de ejecuci\u00f3n. Se inform\u00f3 de una vulnerabilidad donde la forma en que se crea este valor utiliza un algoritmo d\u00e9bil. Esto podr\u00eda permitir a un atacante determinar los usuarios blowfish_secret y potencialmente descifrar sus cookies. Todas las versiones 4.6.x (anteriores a 4.6.5), versiones 4.4.x (anteriores a 4.4.15.9) y versiones 4.0.x (anteriores a 4.0.10.18) est\u00e1n afectadas.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C641F362-D37D-47CB-BE6C-36E5F116F844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85631B69-7060-42D1-AE24-466BA10EB390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E62EDC79-47AA-4CED-AB7F-1E4D158EB653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0B800AA-6290-4032-AA17-21025A19C392\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"230D3D61-B090-49FA-91B1-9FA4DD2C6209\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F06DC95-76B1-4E24-A55F-1358A25ED0E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA76CB4-6167-446A-8D4F-6D5B38046334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D28655-7F37-474D-A4E2-772AF24B94E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA1951E-BD85-42BF-BF7F-79A14D165914\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D08BEE8-5ACF-438D-9F06-86C6227C9A5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58DD0910-DBBA-4858-B9B1-FA93D08323D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50DA8EBE-52AA-45A5-A5FB-75AF84E415E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC8D93A3-8997-4EB9-A411-74B296D1341F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E5A81B2-E16F-4AE2-9691-92D3E8A25CCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0245AF2D-F856-4CAA-A830-36D43026D1E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00BD9E52-A6BB-48BB-9FEE-D0272AD9B6DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69E253E-157D-45BA-A977-079A49F74A72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6325E2AE-BB86-4953-AA9E-0433C00B096E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C54B828-8B23-4C62-907E-8EE7E757B721\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02DD18C8-172B-41CD-87DD-58BDEC0D9418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10666E30-D98A-47A9-881A-B281066F0EC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3993826B-CA66-4BC2-8E1B-06CF9230B214\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14928F51-761E-4FCA-B13C-A11530C7FC46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB761644-20F5-4E0D-B301-7809EAECA813\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"896439D0-6C98-44A6-8C9D-0D57D57782D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"978B828C-1FCB-4386-B685-5BEE5A8A500C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51A3261B-23BE-42D7-8A52-AE2E8C274A3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B7EA51-27EC-4884-8D60-FB9477D2B91A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6C9F2CC-778B-4604-B463-7A1D3FB8B9C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B20C44D-0EF1-48F2-B0AA-C8FF0BD9E252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F85FEC-427E-487D-997E-7EE359475876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C825978-7E00-4C20-A806-0B968AA589AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34986C36-1C93-4DA8-A4C2-0CB8B24BAD3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B744FB8F-C58C-446C-B4B9-53548EBE12D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C50F69E9-0326-4A6F-B2FE-D87AB811281A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13CD0228-728B-437A-84C1-BD7AFA52FFB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFF55485-9892-4E7B-AEE0-017E61EAA7C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6100FE3E-0A31-4B55-90F2-90AF765A8EB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBAAC8D9-AAA5-487C-B4AA-84BAE5DB109E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E06B1D3-29B4-45B7-B81F-C864AF579011\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B2E3923-0E2B-411A-B091-088E6FF050D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1848C748-804D-4FE4-AB9C-B1BF9E58A19C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12296322-DFAD-4B36-83EC-D01BF5DF7F2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA321C14-C8F4-41FC-B601-2F646064ABBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54DBCF86-0CE8-46C4-B2E7-E3224765CCFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BF3DBC5-7020-48D0-ADEA-E71776DB2285\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"317F952E-5F12-4ED3-8FA3-FC1106B50F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87B97F98-C0A7-4D9E-8333-7EE9EC456A12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A1E753D-5653-4D7A-8E41-6C02511EBFCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"417230C7-0EC2-49F4-B810-A8AE84A302AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"103FEAB1-194E-4CEF-935A-4DBCCA298205\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5814003-9FF8-4F8E-9D90-A2BBB80B8451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6D742A8-B9D0-4BC0-8E3E-E0FDCC1083FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16D28B77-9353-4259-9299-30638A78CCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C022292B-6E06-4328-842F-135A872D22AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F15F00FB-BB9B-4D54-B198-0A74D418B8DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC10AF20-7B65-4FAE-A2AD-783867D60A8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB7190C-0401-4E2E-B15F-4CFC79D5A4E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BED20D9-C571-4BC5-9A54-450A364C6E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A2B646D-DDFC-4CB2-B7F4-0C33AF18D14F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CBF68B2-2BCF-4EEB-8A7C-D83DCAF1AFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36B92C51-B51B-4538-8A2A-102881F8024C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74C191A5-3316-4A34-8B37-64D6DD616CEF\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/94524\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-32\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.phpmyadmin.net/security/PMASA-2016-58\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94524\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.phpmyadmin.net/security/PMASA-2016-58\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.