6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.454 Medium
EPSS
Percentile
97.4%
An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a
local file because of an error in the transformation feature. The attacker
must have access to the phpMyAdmin Configuration Storage tables, although
these can easily be created in any database to which the attacker has
access. An attacker must have valid credentials to log in to phpMyAdmin;
this vulnerability does not allow an attacker to circumvent the login
system.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | phpmyadmin | < 4:4.6.6-5ubuntu0.5 | UNKNOWN |
ubuntu | 14.04 | noarch | phpmyadmin | < 4:4.0.10-1ubuntu0.1+esm4) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | phpmyadmin | < 4:4.5.4.1-2ubuntu2.1+esm6 | UNKNOWN |
github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732
launchpad.net/bugs/cve/CVE-2018-19968
nvd.nist.gov/vuln/detail/CVE-2018-19968
security-tracker.debian.org/tracker/CVE-2018-19968
ubuntu.com/security/notices/USN-4639-1
www.cve.org/CVERecord?id=CVE-2018-19968
www.phpmyadmin.net/security/PMASA-2018-6/
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.454 Medium
EPSS
Percentile
97.4%