CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
78.5%
The phpMyAdmin development team reports:
This vulnerability allows to complete the reCaptcha test
and subsequently perform a brute force attack to guess user
credentials without having to complete further reCaptcha
tests.
We consider this vulnerability to be non critical since
reCaptcha is an additional opt-in security measure.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | = 4.4.0 | UNKNOWN |
FreeBSD | any | noarch | phpmyadmin | < 4.4.14.1 | UNKNOWN |