6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.1%
The phpMyAdmin development team reports:
XSRF/CSRF vulnerability in phpMyAdmin setup.
By deceiving a user to click on a crafted URL, it is
possible to alter the configuration file being generated
with phpMyAdmin setup.
This vulnerability only affects the configuration file
generation process and does not affect the effective
configuration file. Moreover, the configuration file being
generated is at risk only during the period when it’s
writable.
Vulnerability allowing man-in-the-middle attack on API
call to GitHub.
A vulnerability in the API call to GitHub can be
exploited to perform a man-in-the-middle attack.
We consider this vulnerability to be serious.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | = 4.4.0 | UNKNOWN |
FreeBSD | any | noarch | phpmyadmin | < 4.4.6.1 | UNKNOWN |