Lucene search

K
friendsofphpOpenJS FoundationFRIENDSOFPHP:PHPMYADMIN:PHPMYADMIN:CVE-2020-10802
HistoryJan 18, 2020 - 10:13 p.m.

SQL injection relating to searching

2020-01-1822:13:03
OpenJS Foundation
github.com
15
sql injection
search
security risk
phpmyadmin
software

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

CVSS3

8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

61.2%

Affected configurations

Vulners
Node
phpmyadminphpmyadminRange<5.0.2
VendorProductVersionCPE
phpmyadminphpmyadmin*cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

CVSS3

8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

61.2%