Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-45195HistoryJun 24, 2024 - 10:15 p.m.
CVE-2023-45195
2024-06-2422:15:10
Debian Security Bug Tracker
security-tracker.debian.org
adminerevo
vulnerability
ssrf
database connection
unauthenticated
remote attackers
fixed
6.9 Medium
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:L/VI:N/SI:N/VA:N/SA:N/AU:Y
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to.Β Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | adminer | <=Β 4.8.1-1 | adminer_4.8.1-1_all.deb |
| Debian | 11 | all | adminer | <=Β 4.7.9-2 | adminer_4.7.9-2_all.deb |
| Debian | 999 | all | adminer | <=Β 4.8.1-2 | adminer_4.8.1-2_all.deb |
| Debian | 13 | all | adminer | <=Β 4.8.1-2 | adminer_4.8.1-2_all.deb |
Related
nvd
nvd
CVE-2023-45195
2024-06-24 22:15:10
vulnrichment
vulnrichment
CVE-2023-45195 Adminer and AdminerEvo SSRF
2024-06-24 21:06:09
cvelist
cvelist
CVE-2023-45195 Adminer and AdminerEvo SSRF
2024-06-24 21:06:09
ubuntucve
ubuntucve
CVE-2023-45195
2024-06-25 00:00:00
cve
cve
CVE-2023-45195
2024-06-24 22:15:10
6.9 Medium
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:L/VI:N/SI:N/VA:N/SA:N/AU:Y
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for DEBIANCVE:CVE-2023-45195