Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-18264

An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions (e.g., version 5). This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default). This occurs because some implementations of the PHP substr function return false when given '' as the first argument.

Published

2018-05-01T17:29:00.237

Last Modified

2024-11-21T03:19:43.160

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application phpmyadmin phpmyadmin < 4.0.10.20 Yes
Application phpmyadmin phpmyadmin ≤ 4.4.15.10 Yes
Application phpmyadmin phpmyadmin ≤ 4.6.6 Yes
Application phpmyadmin phpmyadmin 4.7.0 Yes
Application phpmyadmin phpmyadmin 4.7.0 Yes
Operating System debian debian_linux 8.0 Yes
References