ID FEDORA:E6706610D7CA Type fedora Reporter Fedora Modified 2019-10-02T01:41:56
Description
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link and much more...
{"id": "FEDORA:E6706610D7CA", "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 29 Update: phpMyAdmin-4.9.1-1.fc29", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link and much more... 
", "published": "2019-10-02T01:41:56", "modified": "2019-10-02T01:41:56", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "href": "", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2019-12922"], "immutableFields": [], "lastseen": "2021-07-28T14:46:51", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2019-1308"]}, {"type": "cve", "idList": ["CVE-2019-12922"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-12922"]}, {"type": "exploitdb", "idList": ["EDB-ID:47385"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:52E30F0ED5D3BBC459252E87FA000FAB"]}, {"type": "fedora", "idList": ["FEDORA:7F43960D1C91", "FEDORA:C420960963F9"]}, {"type": "hackerone", "idList": ["H1:1113212"]}, {"type": "nessus", "idList": ["FEDORA_2019-3B5A7ABE17.NASL", "FEDORA_2019-6404181BF9.NASL", "FEDORA_2019-644B438F51.NASL", "OPENSUSE-2019-2211.NASL", "OPENSUSE-2020-56.NASL", "PHPMYADMIN_PMASA_4_9_1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310142897", 
"OPENVAS:1361412562310142898", "OPENVAS:1361412562310852718", "OPENVAS:1361412562310876871", "OPENVAS:1361412562310876876", "OPENVAS:1361412562310877201"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154483"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2211-1", "OPENSUSE-SU-2020:0056-1"]}, {"type": "thn", "idList": ["THN:E97CD3C1CB3F0AA49420F764BE5DE2B9"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-12922"]}, {"type": "zdt", "idList": ["1337DAY-ID-33253"]}], "rev": 4}, "score": {"value": 5.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2019-1308"]}, {"type": "cve", "idList": ["CVE-2019-12922"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-12922"]}, {"type": "exploitdb", "idList": ["EDB-ID:47385"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:52E30F0ED5D3BBC459252E87FA000FAB"]}, {"type": "fedora", "idList": ["FEDORA:7F43960D1C91", "FEDORA:C420960963F9"]}, {"type": "hackerone", "idList": ["H1:1113212"]}, {"type": "nessus", "idList": ["FEDORA_2019-3B5A7ABE17.NASL", "FEDORA_2019-6404181BF9.NASL", "FEDORA_2019-644B438F51.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310142897", "OPENVAS:1361412562310142898", "OPENVAS:1361412562310852718", "OPENVAS:1361412562310876871", "OPENVAS:1361412562310876876"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154483"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2211-1"]}, {"type": "thn", "idList": ["THN:E97CD3C1CB3F0AA49420F764BE5DE2B9"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-12922"]}, {"type": "zdt", "idList": ["1337DAY-ID-33253"]}]}, "exploitation": null, "vulnersScore": 5.7}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "29", "arch": "any", "packageVersion": "4.9.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "phpmyadmin"}], "_state": {"dependencies": 1647589307, "score": 0}}
{"nessus": [{"lastseen": "2021-09-28T12:33:15", "description": "Upstream announcement :\n\nWelcome to **phpMyAdmin 4.9.1**, a bugfix release.\n\nThis is a regularly-schedule bugfix release that also includes some security hardening measures.\n\nWe wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of the team that the reported attack vector did not justify a separate release.\n\nThis release includes fixes for many bugs, including :\n\n - Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer\n\n - Compatibility issues with PHP 8\n\n - Export of GIS visualization\n\n - Enhanced descriptions for several collation types\n\n - Creating a user with a single quote in the password string\n\n - Unexpected quotes during import and export on text fields\n\n - Improvements to adding new tables to Designer\n\n - Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server\n\n - Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script\n\nThere are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors.\n\nThe phpMyAdmin team\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Fedora 29 : phpMyAdmin (2019-3b5a7abe17)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-11-12T00:00:00", 
"cpe": ["p-cpe:/a:fedoraproject:fedora:phpMyAdmin", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-3B5A7ABE17.NASL", "href": "https://www.tenable.com/plugins/nessus/129509", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-3b5a7abe17.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129509);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\"CVE-2019-12922\");\n script_xref(name:\"FEDORA\", value:\"2019-3b5a7abe17\");\n\n script_name(english:\"Fedora 29 : phpMyAdmin (2019-3b5a7abe17)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream announcement :\n\nWelcome to **phpMyAdmin 4.9.1**, a bugfix release.\n\nThis is a regularly-schedule bugfix release that also includes some\nsecurity hardening measures.\n\nWe wish to point out that this also includes a routine fix for an\nissue that has been reported as CVE-2019-12922. 
The fix for this has\nbeen in our release queue to be part of this release, however it is\nthe opinion of the team that the reported attack vector did not\njustify a separate release.\n\nThis release includes fixes for many bugs, including :\n\n - Editing columns with CURRENT_TIMESTAMP for MySQL\n versions 8.0.13 and newer\n\n - Compatibility issues with PHP 8\n\n - Export of GIS visualization\n\n - Enhanced descriptions for several collation types\n\n - Creating a user with a single quote in the password\n string\n\n - Unexpected quotes during import and export on text\n fields\n\n - Improvements to adding new tables to Designer\n\n - Fix an issue where an authenticated user could trigger\n heavy traffic between the database server and web server\n\n - Fix a weakness where an attacker, under certain\n conditions, working at the same time as an administrator\n is using the setup script, could delete a server from\n the setup script\n\nThere are many, many more bug fixes thanks to the efforts of our\ndevelopers, Google Summer of Code applicants, and other contributors.\n\nThe phpMyAdmin team\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-3b5a7abe17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"phpMyAdmin-4.9.1-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-02-19T13:27:30", "description": "This update for phpMyAdmin to 4.9.1 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-12922: Fixed CSRF issue that allowed deletion of any server in the Setup page. 
(boo#1150914)", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2019-09-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2019-2211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:phpMyAdmin", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2211.NASL", "href": "https://www.tenable.com/plugins/nessus/129461", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2211.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129461);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2019-12922\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2019-2211)\");\n script_summary(english:\"Check for the openSUSE-2019-2211 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for phpMyAdmin to 4.9.1 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-12922: Fixed CSRF issue that allowed deletion\n of any server in the Setup page. 
(boo#1150914)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150914\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"phpMyAdmin-4.9.1-lp151.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-09-28T12:33:39", "description": "Upstream announcement :\n\nWelcome to **phpMyAdmin 4.9.1**, a bugfix release.\n\nThis is a regularly-schedule bugfix release that also includes some security hardening measures.\n\nWe wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. 
The fix for this has been in our release queue to be part of this release, however it is the opinion of the team that the reported attack vector did not justify a separate release.\n\nThis release includes fixes for many bugs, including :\n\n - Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer\n\n - Compatibility issues with PHP 8\n\n - Export of GIS visualization\n\n - Enhanced descriptions for several collation types\n\n - Creating a user with a single quote in the password string\n\n - Unexpected quotes during import and export on text fields\n\n - Improvements to adding new tables to Designer\n\n - Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server\n\n - Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script\n\nThere are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors.\n\nThe phpMyAdmin team\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Fedora 31 : phpMyAdmin (2019-644b438f51)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-11-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:phpMyAdmin", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-644B438F51.NASL", "href": "https://www.tenable.com/plugins/nessus/129621", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 
FEDORA-2019-644b438f51.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129621);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\"CVE-2019-12922\");\n script_xref(name:\"FEDORA\", value:\"2019-644b438f51\");\n\n script_name(english:\"Fedora 31 : phpMyAdmin (2019-644b438f51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream announcement :\n\nWelcome to **phpMyAdmin 4.9.1**, a bugfix release.\n\nThis is a regularly-schedule bugfix release that also includes some\nsecurity hardening measures.\n\nWe wish to point out that this also includes a routine fix for an\nissue that has been reported as CVE-2019-12922. The fix for this has\nbeen in our release queue to be part of this release, however it is\nthe opinion of the team that the reported attack vector did not\njustify a separate release.\n\nThis release includes fixes for many bugs, including :\n\n - Editing columns with CURRENT_TIMESTAMP for MySQL\n versions 8.0.13 and newer\n\n - Compatibility issues with PHP 8\n\n - Export of GIS visualization\n\n - Enhanced descriptions for several collation types\n\n - Creating a user with a single quote in the password\n string\n\n - Unexpected quotes during import and export on text\n fields\n\n - Improvements to adding new tables to Designer\n\n - Fix an issue where an authenticated user could trigger\n heavy traffic between the database server and web server\n\n - Fix a weakness where an attacker, under certain\n conditions, working at the same time as an administrator\n is using the setup script, could delete a server from\n the setup script\n\nThere are many, many more bug fixes thanks to the efforts of our\ndevelopers, Google Summer of Code applicants, and other contributors.\n\nThe phpMyAdmin 
team\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-644b438f51\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"phpMyAdmin-4.9.1-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-09-28T12:32:13", "description": "Upstream announcement :\n\nWelcome to **phpMyAdmin 4.9.1**, a bugfix release.\n\nThis is a regularly-schedule bugfix release that also includes some security hardening measures.\n\nWe wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. 
The fix for this has been in our release queue to be part of this release, however it is the opinion of the team that the reported attack vector did not justify a separate release.\n\nThis release includes fixes for many bugs, including :\n\n - Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer\n\n - Compatibility issues with PHP 8\n\n - Export of GIS visualization\n\n - Enhanced descriptions for several collation types\n\n - Creating a user with a single quote in the password string\n\n - Unexpected quotes during import and export on text fields\n\n - Improvements to adding new tables to Designer\n\n - Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server\n\n - Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script\n\nThere are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors.\n\nThe phpMyAdmin team\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Fedora 30 : phpMyAdmin (2019-6404181bf9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-11-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:phpMyAdmin", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-6404181BF9.NASL", "href": "https://www.tenable.com/plugins/nessus/129510", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 
FEDORA-2019-6404181bf9.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129510);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\"CVE-2019-12922\");\n script_xref(name:\"FEDORA\", value:\"2019-6404181bf9\");\n\n script_name(english:\"Fedora 30 : phpMyAdmin (2019-6404181bf9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream announcement :\n\nWelcome to **phpMyAdmin 4.9.1**, a bugfix release.\n\nThis is a regularly-schedule bugfix release that also includes some\nsecurity hardening measures.\n\nWe wish to point out that this also includes a routine fix for an\nissue that has been reported as CVE-2019-12922. The fix for this has\nbeen in our release queue to be part of this release, however it is\nthe opinion of the team that the reported attack vector did not\njustify a separate release.\n\nThis release includes fixes for many bugs, including :\n\n - Editing columns with CURRENT_TIMESTAMP for MySQL\n versions 8.0.13 and newer\n\n - Compatibility issues with PHP 8\n\n - Export of GIS visualization\n\n - Enhanced descriptions for several collation types\n\n - Creating a user with a single quote in the password\n string\n\n - Unexpected quotes during import and export on text\n fields\n\n - Improvements to adding new tables to Designer\n\n - Fix an issue where an authenticated user could trigger\n heavy traffic between the database server and web server\n\n - Fix a weakness where an attacker, under certain\n conditions, working at the same time as an administrator\n is using the setup script, could delete a server from\n the setup script\n\nThere are many, many more bug fixes thanks to the efforts of our\ndevelopers, Google Summer of Code applicants, and other contributors.\n\nThe phpMyAdmin 
team\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-6404181bf9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"phpMyAdmin-4.9.1-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-12T16:12:46", "description": "A cross-site request forgery (XSRF) vulnerability exists in the Setup page of phpMyAdmin. A remote attacker can exploit this by tricking a user into visiting a specially crafted web page, allowing the attacker to delete any server in the setup page by creating a fake hyperlink containing the malicious request it wants the victim's web browser to execute. 
\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2019-10-08T00:00:00", "type": "nessus", "title": "phpMyAdmin <= 4.9.1 Cross-Site Request Forgery Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin"], "id": "PHPMYADMIN_PMASA_4_9_1.NASL", "href": "https://www.tenable.com/plugins/nessus/129696", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129696);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-12922\");\n\n script_name(english:\"phpMyAdmin <= 4.9.1 Cross-Site Request Forgery Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a PHP application that is affected by a cross-site request forgery vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"A cross-site request forgery (XSRF) vulnerability exists in the \nSetup page of phpMyAdmin. A remote attacker can exploit this by \ntricking a user into visiting a specially crafted web page, allowing \nthe attacker to delete any server in the setup page by creating a \nfake hyperlink containing the malicious request it wants the \nvictim's web browser to execute. 
\n\nNote that Nessus has not tested for this issue but has instead \nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/files/4.9.1/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to phpMyAdmin version 4.9.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-12922\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/08\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:phpmyadmin:phpmyadmin\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"phpMyAdmin_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/phpMyAdmin\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:'phpMyAdmin', port:port, webapp:TRUE);\n\nconstraints = [{'fixed_version' : '4.9.1'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:17:07", "description": "This update for phpMyAdmin to version 4.9.4 fixes the following issues :\n\n - CVE-2020-5504: SQL injection in user accounts page (boo#1160456).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-01-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2020-56)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922", "CVE-2019-18622", "CVE-2020-5504"], "modified": "2020-01-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:phpMyAdmin", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-56.NASL", "href": "https://www.tenable.com/plugins/nessus/132917", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-56.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132917);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\"CVE-2019-12922\", \"CVE-2019-18622\", \"CVE-2020-5504\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2020-56)\");\n script_summary(english:\"Check for the openSUSE-2020-56 
patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for phpMyAdmin to version 4.9.4 fixes the following \nissues :\n\n - CVE-2020-5504: SQL injection in user accounts page\n (boo#1160456).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1157614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1160456\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"phpMyAdmin-4.9.4-lp151.2.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:19:31", "description": "A cross-site request forgery vulnerability exists in PhpMyAdmin. 
Successful exploitation of this vulnerability can result in the deletion of servers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-26T00:00:00", "type": "checkpoint_advisories", "title": "PhpMyAdmin Cross-Site Request Forgery (CVE-2019-12922)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-26T00:00:00", "id": "CPAI-2019-1308", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. 
Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link and much more... ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-10-02T02:00:47", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: phpMyAdmin-4.9.1-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, 
"cvelist": ["CVE-2019-12922"], "modified": "2019-10-02T02:00:47", "id": "FEDORA:C420960963F9", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link and much more... 
", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-10-01T00:02:19", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: phpMyAdmin-4.9.1-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-10-01T00:02:19", "id": "FEDORA:7F43960D1C91", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "packetstorm": [{"lastseen": "2019-09-13T21:36:43", "description": "", "cvss3": {}, "published": "2019-09-13T00:00:00", "type": "packetstorm", "title": "phpMyAdmin 4.9.0.1 Cross Site Request Forgery", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-13T00:00:00", "id": "PACKETSTORM:154483", "href": "https://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html", "sourceData": "`============================================= \nMGC ALERT 2019-003 \n- Original release date: June 13, 2019 \n- Last revised: September 13, 2019 \n- Discovered by: Manuel Garcia Cardenas \n- Severity: 4,3/10 (CVSS Base Score) \n- CVE-ID: CVE-2019-12922 
\n============================================= \n \nI. VULNERABILITY \n------------------------- \nphpMyAdmin 4.9.0.1 - Cross-Site Request Forgery \n \nII. BACKGROUND \n------------------------- \nphpMyAdmin is a free software tool written in PHP, intended to handle the \nadministration of MySQL over the Web. phpMyAdmin supports a wide range of \noperations on MySQL and MariaDB. \n \nIII. DESCRIPTION \n------------------------- \nA Cross-Site Request Forgery has been detected in phpMyAdmin that allows \nan attacker to trigger a CSRF attack against a phpMyAdmin user deleting any \nserver in the Setup page. \n \nIV. PROOF OF CONCEPT \n------------------------- \nExploit CSRF - Deleting main server \n \n<p>Deleting Server 1</p> \n<img src=\" \nhttp://server/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1\" \nstyle=\"display:none;\" /> \n \nV. BUSINESS IMPACT \n------------------------- \nThe attacker can easily create a fake hyperlink containing the request that \nit wants to execute on behalf of the user, in this way making possible a CSRF \nattack due to the wrong use of the HTTP method. \n \nVI. SYSTEMS AFFECTED \n------------------------- \nphpMyAdmin <= 4.9.0.1 \n \nVII. SOLUTION \n------------------------- \nImplement in each call the validation of the token variable, as already \ndone in other phpMyAdmin requests. \n \nVIII. REFERENCES \n------------------------- \nhttps://www.phpmyadmin.net/ \n \nIX. CREDITS \n------------------------- \nThis vulnerability has been discovered and reported \nby Manuel Garcia Cardenas (advidsec (at) gmail (dot) com). \n \nX. REVISION HISTORY \n------------------------- \nJune 13, 2019 1: Initial release \nSeptember 13, 2019 2: Last revision \n \nXI. DISCLOSURE TIMELINE \n------------------------- \nJune 13, 2019 1: Vulnerability acquired by Manuel Garcia Cardenas \nJune 13, 2019 2: Sent to vendor \nJuly 16, 2019 3: New request to vendor without fix date \nSeptember 13, 2019 4: Sent to lists \n \nXII. 
LEGAL NOTICES \n------------------------- \nThe information contained within this advisory is supplied \"as-is\" with no \nwarranties or guarantees of fitness of use or otherwise. \n \nXIII. ABOUT \n------------------------- \nManuel Garcia Cardenas \nPentester \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/154483/phpmyadmin4901-xsrf.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "exploitpack": [{"lastseen": "2020-04-01T20:41:01", "description": "\nphpMyAdmin 4.9.0.1 - Cross-Site Request Forgery", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-13T00:00:00", "title": "phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery", "type": "exploitpack", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-13T00:00:00", "id": "EXPLOITPACK:52E30F0ED5D3BBC459252E87FA000FAB", "href": "", "sourceData": "=============================================\nMGC ALERT 2019-003\n- Original release date: June 13, 2019\n- Last revised: September 13, 2019\n- Discovered by: Manuel Garcia Cardenas\n- Severity: 4,3/10 (CVSS Base Score)\n- CVE-ID: 
CVE-2019-12922\n=============================================\n\nI. VULNERABILITY\n-------------------------\nphpMyAdmin 4.9.0.1 - Cross-Site Request Forgery\n\nII. BACKGROUND\n-------------------------\nphpMyAdmin is a free software tool written in PHP, intended to handle the\nadministration of MySQL over the Web. phpMyAdmin supports a wide range of\noperations on MySQL and MariaDB.\n\nIII. DESCRIPTION\n-------------------------\nA Cross-Site Request Forgery has been detected in phpMyAdmin that allows\nan attacker to trigger a CSRF attack against a phpMyAdmin user deleting any\nserver in the Setup page.\n\nIV. PROOF OF CONCEPT\n-------------------------\nExploit CSRF - Deleting main server\n\n<p>Deleting Server 1</p>\n<img src=\"\nhttp://server/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1\"\nstyle=\"display:none;\" />\n\nV. BUSINESS IMPACT\n-------------------------\nThe attacker can easily create a fake hyperlink containing the request that\nit wants to execute on behalf of the user, in this way making possible a CSRF\nattack due to the wrong use of the HTTP method.\n\nVI. SYSTEMS AFFECTED\n-------------------------\nphpMyAdmin <= 4.9.0.1\n\nVII. SOLUTION\n-------------------------\nImplement in each call the validation of the token variable, as already\ndone in other phpMyAdmin requests.\n\nVIII. REFERENCES\n-------------------------\nhttps://www.phpmyadmin.net/\n\nIX. CREDITS\n-------------------------\nThis vulnerability has been discovered and reported\nby Manuel Garcia Cardenas (advidsec (at) gmail (dot) com).\n\nX. REVISION HISTORY\n-------------------------\nJune 13, 2019 1: Initial release\nSeptember 13, 2019 2: Last revision\n\nXI. DISCLOSURE TIMELINE\n-------------------------\nJune 13, 2019 1: Vulnerability acquired by Manuel Garcia Cardenas\nJune 13, 2019 2: Sent to vendor\nJuly 16, 2019 3: New request to vendor without fix date\nSeptember 13, 2019 4: Sent to lists\n\nXII. 
LEGAL NOTICES\n-------------------------\nThe information contained within this advisory is supplied \"as-is\" with no\nwarranties or guarantees of fitness of use or otherwise.\n\nXIII. ABOUT\n-------------------------\nManuel Garcia Cardenas\nPentester", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-14T14:48:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2019-644b438f51", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877201", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877201", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877201\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-12922\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:31:30 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2019-644b438f51\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-644b438f51\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the FEDORA-2019-644b438f51 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"phpMyAdmin is a tool written in PHP intended to handle the administration of\nMySQL over the World Wide Web. 
Most frequently used operations are supported\nby the user interface (managing databases, tables, fields, relations, indexes,\nusers, permissions), while you still have the ability to directly execute any\nSQL statement.\n\nFeatures include an intuitive web interface, support for most MySQL features\n(browse and drop databases, tables, views, fields and indexes, create, copy,\ndrop, rename and alter databases, tables, fields and indexes, maintenance\nserver, databases and tables, with proposals on server configuration, execute,\nedit and bookmark any SQL-statement, even batch-queries, manage MySQL users\nand privileges, manage stored procedures and triggers), import data from CSV\nand SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text\nand Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,\ncreating PDF graphics of your database layout, creating complex queries using\nQuery-by-example (QBE), searching globally in a database or a subset of it,\ntransforming stored data into any format using a set of predefined functions,\nlike displaying BLOB-data as image or download-link and much more...\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.9.1~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-01-31T16:53:03", 
"description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-29T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2019:2211-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852718", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852718", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852718\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-12922\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-29 02:01:30 +0000 (Sun, 29 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2019:2211-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2211-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00079.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the openSUSE-SU-2019:2211-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for phpMyAdmin to 4.9.1 fixes the following issues:\n\n\n Security issue fixed:\n\n - CVE-2019-12922: Fixed CSRF issue that allowed deletion of any server in\n the Setup page. 
(boo#1150914)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - openSUSE Backports SLE-15:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - SUSE Package Hub for SUSE Linux Enterprise 12:\n\n zypper in -t patch openSUSE-2019-2211=1\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.9.1~lp150.34.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-10-04T18:37:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2019-6404181bf9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-10-04T00:00:00", "id": "OPENVAS:1361412562310876876", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876876", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text 
descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876876\");\n script_version(\"2019-10-04T07:25:00+0000\");\n script_cve_id(\"CVE-2019-12922\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-04 07:25:00 +0000 (Fri, 04 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-04 02:29:08 +0000 (Fri, 04 Oct 2019)\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2019-6404181bf9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-6404181bf9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6\");\n\n script_tag(name:\"summary\", 
value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the FEDORA-2019-6404181bf9 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"phpMyAdmin is a tool written in PHP intended to handle the administration of\nMySQL over the World Wide Web. Most frequently used operations are supported\nby the user interface (managing databases, tables, fields, relations, indexes,\nusers, permissions), while you still have the ability to directly execute any\nSQL statement.\n\nFeatures include an intuitive web interface, support for most MySQL features\n(browse and drop databases, tables, views, fields and indexes, create, copy,\ndrop, rename and alter databases, tables, fields and indexes, maintenance\nserver, databases and tables, with proposals on server configuration, execute,\nedit and bookmark any SQL-statement, even batch-queries, manage MySQL users\nand privileges, manage stored procedures and triggers), import data from CSV\nand SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text\nand Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,\ncreating PDF graphics of your database layout, creating complex queries using\nQuery-by-example (QBE), searching globally in a database or a subset of it,\ntransforming stored data into any format using a set of predefined functions,\nlike displaying BLOB-data as image or download-link and much more...\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = 
\"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.9.1~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-10-04T18:38:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2019-3b5a7abe17", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-10-04T00:00:00", "id": "OPENVAS:1361412562310876871", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876871", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876871\");\n script_version(\"2019-10-04T07:25:00+0000\");\n script_cve_id(\"CVE-2019-12922\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-04 07:25:00 +0000 (Fri, 04 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-04 02:29:03 +0000 (Fri, 04 Oct 2019)\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2019-3b5a7abe17\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3b5a7abe17\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the FEDORA-2019-3b5a7abe17 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"phpMyAdmin is a tool written in PHP intended to handle the administration of\nMySQL over the World Wide Web. 
Most frequently used operations are supported\nby the user interface (managing databases, tables, fields, relations, indexes,\nusers, permissions), while you still have the ability to directly execute any\nSQL statement.\n\nFeatures include an intuitive web interface, support for most MySQL features\n(browse and drop databases, tables, views, fields and indexes, create, copy,\ndrop, rename and alter databases, tables, fields and indexes, maintenance\nserver, databases and tables, with proposals on server configuration, execute,\nedit and bookmark any SQL-statement, even batch-queries, manage MySQL users\nand privileges, manage stored procedures and triggers), import data from CSV\nand SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text\nand Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,\ncreating PDF graphics of your database layout, creating complex queries using\nQuery-by-example (QBE), searching globally in a database or a subset of it,\ntransforming stored data into any format using a set of predefined functions,\nlike displaying BLOB-data as image or download-link and much more...\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.9.1~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-09-17T14:26:18", 
"description": "phpMyAdmin is prone to a CSRF vulnerability.", "cvss3": {}, "published": "2019-09-17T00:00:00", "type": "openvas", "title": "phpMyAdmin <= 4.9.0.1 CSRF Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-17T00:00:00", "id": "OPENVAS:1361412562310142897", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142897", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142897\");\n script_version(\"2019-09-17T06:21:11+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-17 06:21:11 +0000 (Tue, 17 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-17 06:16:03 +0000 (Tue, 17 Sep 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-12922\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"NoneAvailable\");\n\n script_name(\"phpMyAdmin <= 4.9.0.1 CSRF Vulnerability (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"phpMyAdmin is prone to a CSRF vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A CSRF issue in phpMyAdmin allows deletion of any server in the Setup page.\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin version 4.9.0.1 and prior.\");\n\n script_tag(name:\"solution\", value:\"No known solution is available as of 17th September, 2019.\n Information regarding this issue will be updated once solution details are available.\");\n\n script_xref(name:\"URL\", 
value:\"https://seclists.org/fulldisclosure/2019/Sep/23\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_is_less_equal(version: version, test_version: \"4.9.0.1\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"None\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-09-17T14:26:18", "description": "phpMyAdmin is prone to a CSRF vulnerability.", "cvss3": {}, "published": "2019-09-17T00:00:00", "type": "openvas", "title": "phpMyAdmin <= 4.9.0.1 CSRF Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-17T00:00:00", "id": "OPENVAS:1361412562310142898", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142898", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142898\");\n script_version(\"2019-09-17T06:21:11+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-17 06:21:11 +0000 (Tue, 17 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-17 06:20:33 +0000 (Tue, 17 Sep 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-12922\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"NoneAvailable\");\n\n script_name(\"phpMyAdmin <= 4.9.0.1 CSRF Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"phpMyAdmin is prone to a CSRF vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A CSRF issue in phpMyAdmin allows deletion of any server in the Setup page.\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin version 4.9.0.1 and prior.\");\n\n script_tag(name:\"solution\", value:\"No known solution is available as of 17th September, 2019.\n Information regarding this issue will be updated once solution details are available.\");\n\n script_xref(name:\"URL\", 
value:\"https://seclists.org/fulldisclosure/2019/Sep/23\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_is_less_equal(version: version, test_version: \"4.9.0.1\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"None\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:41:45", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for phpMyAdmin to 4.9.1 fixes the following issues:\n\n\n Security issue fixed:\n\n - CVE-2019-12922: Fixed CSRF issue that allowed deletion of any server in\n the Setup page. (boo#1150914)\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - openSUSE Backports SLE-15:\n\n zypper in -t patch openSUSE-2019-2211=1\n\n - SUSE Package Hub for SUSE Linux Enterprise 12:\n\n zypper in -t patch openSUSE-2019-2211=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", 
"version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-09-28T00:00:00", "type": "suse", "title": "Security update for phpMyAdmin (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-28T00:00:00", "id": "OPENSUSE-SU-2019:2211-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D2YNQNMKYRB7MW5FDL2JTZKJHYYEOU6Q/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-21T22:48:41", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for phpMyAdmin to version 4.9.4 fixes the following issues:\n\n - CVE-2020-5504: SQL injection in user accounts page (boo#1160456).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - SUSE Package Hub for SUSE Linux Enterprise 12:\n\n zypper in -t patch openSUSE-2020-56=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": 
"NONE"}, "impactScore": 5.9}, "published": "2020-01-14T00:00:00", "type": "suse", "title": "Security update for phpMyAdmin (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922", "CVE-2019-18622", "CVE-2020-5504"], "modified": "2020-01-14T00:00:00", "id": "OPENSUSE-SU-2020:0056-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IGARHYC7NYETOS2R5K3CIBS5JNGYZKQL/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2019-12-04T14:24:31", "description": "Exploit for php platform in category web applications", "cvss3": {}, "published": "2019-09-16T00:00:00", "type": "zdt", "title": "phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-16T00:00:00", "id": "1337DAY-ID-33253", "href": "https://0day.today/exploit/description/33253", "sourceData": "=============================================\r\nMGC ALERT 2019-003\r\n- Original release date: June 13, 2019\r\n- Last revised: September 13, 2019\r\n- Discovered by: Manuel Garcia Cardenas\r\n- Severity: 4,3/10 (CVSS Base Score)\r\n- CVE-ID: CVE-2019-12922\r\n=============================================\r\n\r\nI. VULNERABILITY\r\n-------------------------\r\nphpMyAdmin 4.9.0.1 - Cross-Site Request Forgery\r\n\r\nII. 
BACKGROUND\r\n-------------------------\r\nphpMyAdmin is a free software tool written in PHP, intended to handle the\r\nadministration of MySQL over the Web. phpMyAdmin supports a wide range of\r\noperations on MySQL and MariaDB.\r\n\r\nIII. DESCRIPTION\r\n-------------------------\r\nHas been detected a Cross-Site Request Forgery in phpMyAdmin, that allows\r\nan attacker to trigger a CSRF attack against a phpMyAdmin user deleting any\r\nserver in the Setup page.\r\n\r\nIV. PROOF OF CONCEPT\r\n-------------------------\r\nExploit CSRF - Deleting main server\r\n\r\n<p>Deleting Server 1</p>\r\n<img src=\"\r\nhttp://server/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1\"\r\nstyle=\"display:none;\" />\r\n\r\nV. BUSINESS IMPACT\r\n-------------------------\r\nThe attacker can easily create a fake hyperlink containing the request that\r\nwants to execute on behalf the user,in this way making possible a CSRF\r\nattack due to the wrong use of HTTP method.\r\n\r\nVI. SYSTEMS AFFECTED\r\n-------------------------\r\nphpMyAdmin <= 4.9.0.1\r\n\r\nVII. SOLUTION\r\n-------------------------\r\nImplement in each call the validation of the token variable, as already\r\ndone in other phpMyAdmin requests.\r\n\r\nVIII. REFERENCES\r\n-------------------------\r\nhttps://www.phpmyadmin.net/\r\n\r\nIX. CREDITS\r\n-------------------------\r\nThis vulnerability has been discovered and reported\r\nby Manuel Garcia Cardenas (advidsec (at) gmail (dot) com).\r\n\r\nX. REVISION HISTORY\r\n-------------------------\r\nJune 13, 2019 1: Initial release\r\nSeptember 13, 2019 2: Last revision\r\n\r\nXI. DISCLOSURE TIMELINE\r\n-------------------------\r\nJune 13, 2019 1: Vulnerability acquired by Manuel Garcia Cardenas\r\nJune 13, 2019 2: Send to vendor\r\nJuly 16, 2019 3: New request to vendor without fix date\r\nSeptember 13, 2019 4: Sent to lists\r\n\r\nXII. 
LEGAL NOTICES\r\n-------------------------\r\nThe information contained within this advisory is supplied \"as-is\" with no\r\nwarranties or guarantees of fitness of use or otherwise.\r\n\r\nXIII. ABOUT\r\n-------------------------\r\nManuel Garcia Cardenas\r\nPentester\n\n# 0day.today [2019-12-04] #", "sourceHref": "https://0day.today/exploit/33253", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:29:43", "description": "A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the\nSetup page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-13T00:00:00", "type": "ubuntucve", "title": "CVE-2019-12922", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-13T00:00:00", "id": "UB:CVE-2019-12922", "href": "https://ubuntu.com/security/CVE-2019-12922", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "thn": [{"lastseen": "2022-05-09T12:39:45", "description": 
"A cybersecurity researcher recently published details and a proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin\u2014one of the most popular applications for managing MySQL and MariaDB databases. \n \nphpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's widely used to manage the database for websites created with WordPress, Joomla, and many other content management platforms. \n \nDiscovered by security researcher and pentester [Manuel Garcia Cardenas](<https://twitter.com/hypnito>), the vulnerability is described as a cross-site request forgery (CSRF) flaw, also known as XSRF, a well-known attack wherein attackers trick authenticated users into executing an unwanted action. \n \nIdentified as [CVE-2019-12922](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922>), the flaw has been given a medium rating because of its limited scope, which only allows an attacker to delete any server configured in the setup page of a phpMyAdmin panel on a victim's server. \n \nTo be noted, it's not something you should be much worried about, because the attack doesn't allow attackers to delete any database or table stored on the server. \n \nAll an attacker needs to do is send a crafted URL to targeted web administrators who are already logged in to their phpMyAdmin panel in the same browser, tricking them into unknowingly deleting the configured server by simply clicking on it. 
\n \n\n\n> \"The attacker can easily create a fake hyperlink containing the request that wants to execute on behalf of the user, in this way making possible a CSRF attack due to the wrong use of HTTP method,\" Cardenas [explains in a post](<https://seclists.org/fulldisclosure/2019/Sep/23>) to the Full Disclosure mailing list.\n\n \nHowever, the vulnerability is trivial to exploit because, other than knowing the URL of a targeted server, an attacker doesn't need to know any other information, such as the names of the databases. \n \n\n\n## Proof of Concept Exploit Code\n\n \n\n\nThe flaw affects phpMyAdmin versions up to and including 4.9.0.1, which is the latest version of the software at the time of writing. \n \nThe security flaw also resides in phpMyAdmin 5.0.0-alpha1, which was released in July 2019, Cardenas told The Hacker News. \n \nCardenas discovered this vulnerability back in June 2019 and responsibly reported it to the project maintainers. \n \nHowever, after the phpMyAdmin maintainers failed to patch the vulnerability within 90 days of being notified, the researcher decided to release the vulnerability details and PoC to the public on 13 September. \n \nTo address this vulnerability, Cardenas recommended that the maintainers \"implement in each call the validation of the token variable, as already done in other phpMyAdmin requests,\" as a solution. 
\n \nUntil the maintainers patch the vulnerability, website administrators and hosting providers are highly recommended to avoid clicking any suspicious links.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-09-18T09:15:00", "type": "thn", "title": "Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-18T11:08:09", "id": "THN:E97CD3C1CB3F0AA49420F764BE5DE2B9", "href": "https://thehackernews.com/2019/09/phpmyadmin-csrf-exploit.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-02-14T07:35:37", "description": "A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-13T13:15:00", "type": "debiancve", "title": "CVE-2019-12922", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-13T13:15:00", "id": "DEBIANCVE:CVE-2019-12922", "href": "https://security-tracker.debian.org/tracker/CVE-2019-12922", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T20:01:50", "description": "A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-09-13T13:15:00", "type": "cve", "title": "CVE-2019-12922", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": 
"AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922"], "modified": "2019-09-28T18:15:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.9.0.1"], "id": "CVE-2019-12922", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12922", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.9.0.1:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2022-01-13T05:32:13", "description": "", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-13T00:00:00", "type": "exploitdb", "title": "phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12922", "2019-12922"], "modified": "2019-09-13T00:00:00", "id": "EDB-ID:47385", "href": "https://www.exploit-db.com/exploits/47385", "sourceData": "=============================================\r\nMGC ALERT 2019-003\r\n- Original release date: June 13, 2019\r\n- Last revised: September 13, 2019\r\n- Discovered by: 
Manuel Garcia Cardenas\r\n- Severity: 4,3/10 (CVSS Base Score)\r\n- CVE-ID: CVE-2019-12922\r\n=============================================\r\n\r\nI. VULNERABILITY\r\n-------------------------\r\nphpMyAdmin 4.9.0.1 - Cross-Site Request Forgery\r\n\r\nII. BACKGROUND\r\n-------------------------\r\nphpMyAdmin is a free software tool written in PHP, intended to handle the\r\nadministration of MySQL over the Web. phpMyAdmin supports a wide range of\r\noperations on MySQL and MariaDB.\r\n\r\nIII. DESCRIPTION\r\n-------------------------\r\nA Cross-Site Request Forgery has been detected in phpMyAdmin that allows\r\nan attacker to trigger a CSRF attack against a phpMyAdmin user, deleting any\r\nserver in the Setup page.\r\n\r\nIV. PROOF OF CONCEPT\r\n-------------------------\r\nExploit CSRF - Deleting main server\r\n\r\n<p>Deleting Server 1</p>\r\n<img src=\"\r\nhttp://server/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1\"\r\nstyle=\"display:none;\" />\r\n\r\nV. BUSINESS IMPACT\r\n-------------------------\r\nThe attacker can easily create a fake hyperlink containing the request that\r\nthey want to execute on behalf of the user, in this way making a CSRF\r\nattack possible due to the wrong use of the HTTP method.\r\n\r\nVI. SYSTEMS AFFECTED\r\n-------------------------\r\nphpMyAdmin <= 4.9.0.1\r\n\r\nVII. SOLUTION\r\n-------------------------\r\nImplement in each call the validation of the token variable, as already\r\ndone in other phpMyAdmin requests.\r\n\r\nVIII. REFERENCES\r\n-------------------------\r\nhttps://www.phpmyadmin.net/\r\n\r\nIX. CREDITS\r\n-------------------------\r\nThis vulnerability has been discovered and reported\r\nby Manuel Garcia Cardenas (advidsec (at) gmail (dot) com).\r\n\r\nX. REVISION HISTORY\r\n-------------------------\r\nJune 13, 2019 1: Initial release\r\nSeptember 13, 2019 2: Last revision\r\n\r\nXI. 
DISCLOSURE TIMELINE\r\n-------------------------\r\nJune 13, 2019 1: Vulnerability acquired by Manuel Garcia Cardenas\r\nJune 13, 2019 2: Sent to vendor\r\nJuly 16, 2019 3: New request to vendor without fix date\r\nSeptember 13, 2019 4: Sent to lists\r\n\r\nXII. LEGAL NOTICES\r\n-------------------------\r\nThe information contained within this advisory is supplied \"as-is\" with no\r\nwarranties or guarantees of fitness of use or otherwise.\r\n\r\nXIII. ABOUT\r\n-------------------------\r\nManuel Garcia Cardenas\r\nPentester", "sourceHref": "https://www.exploit-db.com/download/47385", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "hackerone": [{"lastseen": "2021-04-14T10:28:45", "bounty": 100.0, "description": "# Summary:\nHello Team,\nI found that the PHPMyAdmin login panel is publicly accessible on https://gifts.flocktory.com and it is using the 4.6.6 version of PHPMyAdmin, which is vulnerable to several CVEs:\nhttps://www.cvedetails.com/vulnerability-list/vendor_id-784/product_id-1341/version_id-251928/Phpmyadmin-Phpmyadmin-4.6.6.html\nhttps://www.cybersecurity-help.cz/vdb/phpmyadmin/phpmyadmin/4.6.6/\n{F1212091}\nOut of these, 2 are CSRF vulnerabilities.\n\n\n# Description:\n**CVE-2019-12616:**\n## Details:\nThe vulnerability exists due to insufficient validation of the HTTP request origin in the \"tbl_sql.php\" script. A remote attacker can trick the victim into visiting a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website, such as executing arbitrary INSERT or DELETE statements.\n\n## Steps to reproduce/POC:\nhttps://gifts.flocktory.com/tbl_sql.php?sql_query=INSERT+INTO+%60pma__bookmark%60+(%60id%60%2C+%60dbase%60%2C+%60user%60%2C+%60label%60%2C+%60query%60)+VALUES+(DAYOFWEEK(%27%27)%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27)&show_query=1&db=phpmyadmin&table=pma__bookmark\n\nAn attacker can create a CSRF HTML page using the above URL, and when the victim visits any such page, 
the INSERT query created by the attacker will be fired.\n\n## Impact:\nAn attacker can perform arbitrary actions on behalf of the victim, such as executing arbitrary INSERT or DELETE statements.\n\n## References:\nhttps://www.cybersecurity-help.cz/vdb/SB2019060501\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12616\n\n\n**CVE-2019-12922:**\n## Details:\nThe vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim into visiting a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website, such as deleting an arbitrary server on the Setup page.\n\n## Steps to reproduce/POC:\n```html\n<p>Deleting Server 1</p>\n<img src=\"\nhttps://gifts.flocktory.com/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1\"\nstyle=\"display:none;\" />\n```\nAn attacker can create a CSRF HTML page using the above HTML code, and when the victim visits any such page, the server with id=1 will be deleted.\n\n## Impact:\nAn attacker can perform arbitrary actions on behalf of the victim, such as deleting an arbitrary server on the Setup page.\n\n## References:\nhttps://www.exploit-db.com/exploits/47385\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12922\n\n\nThanks and regards,\n@ganofins\n\n## Impact\n\nAn attacker can perform arbitrary actions on behalf of the victim, such as executing arbitrary INSERT or DELETE statements or deleting an arbitrary server on the Setup page.", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-28T10:10:41", "type": "hackerone", "title": "QIWI: 
gifts.flocktory.com/phpmyadmin is vulnerable csrf", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12616", "CVE-2019-12922"], "modified": "2021-04-14T08:36:02", "id": "H1:1113212", "href": "https://hackerone.com/reports/1113212", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}]}