phpMyAdmin 4.4.15.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Information Disclosure

medium Nessus Network Monitor Plugin ID 9856

Synopsis

The remote web server contains a version of phpMyAdmin that is affected by multiple information disclosure attack vectors.

Description

phpMyAdmin 4.4.15.x versions prior to 4.4.15.9 and 4.6.x versions prior to 4.6.5 are unpatched and therefore affected by the following vulnerabilities:

- A flaw exists in 'libraries/VersionInformation.php' related to false values being passed to the 'json_decode()' function. This may allow an authenticated, remote attacker to disclose the software's installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
- A flaw exists related to export timeouts in the 'PMA_shutdownDuringExport()' function in 'libraries/export.lib.php'. This may allow an authenticated, remote attacker to disclose the software's installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Solution

Upgrade to phpMyAdmin version 4.6.5 or later. If 4.6.x cannot be obtained, version 4.4.15.9 has also been patched for these vulnerabilities.

See Also

https://www.phpmyadmin.net/news/2016/12/5/phpmyadmin-4652-released

https://www.phpmyadmin.net/security/PMASA-2016-44

Plugin Details

Severity: Medium

ID: 9856

Family: CGI

Published: 1/9/2017

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Patch Publication Date: 10/25/2016

Vulnerability Publication Date: 10/25/2016

Reference Information

CVE: CVE-2016-9854, CVE-2016-9855

BID: 94527