Lucene search
GoogleOSV:CVE-2016-9847HistoryDec 11, 2016 - 2:59 a.m.
CVE-2016-9847
2016-12-1102:59:00
Google
osv.dev
5
EPSS
0.001
Percentile
42.2%
An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user’s blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Related
cvelist
cvelist
CVE-2016-9847
2016-12-11 02:00:00
osv
osv
phpMyAdmin Cryptographic Vulnerability
2022-05-17 02:36:42
ubuntucve
ubuntucve
CVE-2016-9847
2016-12-11 00:00:00
alpinelinux
alpinelinux
CVE-2016-9847
2016-12-11 02:59:44
nvd
nvd
CVE-2016-9847
2016-12-11 02:59:44
CVE-2016-1000360
2017-05-07 08:29:00
prion
prion
Code injection
2016-12-11 02:59:00
Design/Logic Flaw
2017-05-07 08:29:00
github
github
phpMyAdmin Cryptographic Vulnerability
2022-05-17 02:36:42
phpmyadmin
phpmyadmin
Unsafe generation of blowfish secret
2016-11-25 00:00:00
debiancve
debiancve
CVE-2016-9847
2016-12-11 02:59:44
cve
cve
CVE-2016-9847
2016-12-11 02:59:44
CVE-2016-1000360
2022-10-03 16:16:34
openvas
openvas
phpMyAdmin Multiple Security Vulnerabilities - 04 (Dec 2016) - Linux
2017-04-10 00:00:00
phpMyAdmin Multiple Security Vulnerabilities - 04 (Dec 2016) - Windows
2017-04-10 00:00:00
Mageia: Security Advisory (MGASA-2016-0416)
2022-01-28 00:00:00
mageia
mageia
Updated phpmyadmin packages fix security vulnerability
2016-12-09 11:42:46
nessus
nessus
phpMyAdmin 4.0.x < 4.0.10.18 / 4.4.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Vulnerabilities
2020-12-07 00:00:00
GLSA-201701-32 : phpMyAdmin: Multiple vulnerabilities
2017-01-12 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2017-01-11 00:00:00