CVE-2018-19968
Published: 11 December 2018
An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.
From the Ubuntu Security Team
It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpMyAdmin to leak sensitive files.
Priority
Status
Package | Release | Status |
---|---|---|
phpmyadmin (Launchpad, Ubuntu, Debian) | groovy | Not vulnerable (4:4.9.2+dfsg1-1) |
 | jammy | Not vulnerable (4:4.9.2+dfsg1-1) |
 | bionic | Released (4:4.6.6-5ubuntu0.5) |
 | cosmic | Ignored (end of life) |
 | disco | Ignored (end of life) |
 | eoan | Does not exist |
 | focal | Not vulnerable (4:4.9.2+dfsg1-1) |
 | hirsute | Not vulnerable (4:4.9.2+dfsg1-1) |
 | impish | Not vulnerable (4:4.9.2+dfsg1-1) |
 | trusty | Released (4:4.0.10-1ubuntu0.1+esm4), available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
 | upstream | Released (4.8.4, 4:4.9.1+dfsg1-2) |
 | xenial | Released (4:4.5.4.1-2ubuntu2.1+esm6), available with Ubuntu Pro |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 6.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |