CVE-2019-6799
Published: 26 January 2019
An issue was discovered in phpMyAdmin before 4.8.5. When the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE)` calls.
From the Ubuntu Security Team
It was discovered that phpMyAdmin would allow sensitive files to be leaked if certain configuration options were set. An attacker could use this vulnerability to access confidential information.
Priority
Status
Package | Release | Status
---|---|---
phpmyadmin (Launchpad, Ubuntu, Debian) | cosmic | Ignored (end of life)
phpmyadmin (Launchpad, Ubuntu, Debian) | disco | Ignored (end of life)
phpmyadmin (Launchpad, Ubuntu, Debian) | eoan | Does not exist
phpmyadmin (Launchpad, Ubuntu, Debian) | focal | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | trusty | Needed
phpmyadmin (Launchpad, Ubuntu, Debian) | upstream | Released (4.8.5, 4:4.9.1+dfsg1-2)
phpmyadmin (Launchpad, Ubuntu, Debian) | impish | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | bionic | Released (4:4.6.6-5ubuntu0.5)
phpmyadmin (Launchpad, Ubuntu, Debian) | xenial | Needed
phpmyadmin (Launchpad, Ubuntu, Debian) | jammy | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | groovy | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | hirsute | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | kinetic | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | lunar | Not vulnerable (4:4.9.2+dfsg1-1)
phpmyadmin (Launchpad, Ubuntu, Debian) | mantic | Not vulnerable (4:4.9.2+dfsg1-1)
Patches:
- upstream: https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
- upstream: https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900
Severity score breakdown
Parameter | Value
---|---
Base score | 5.9 |
Attack vector | Network |
Attack complexity | High |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799
- https://www.phpmyadmin.net/security/PMASA-2019-1/
- https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
- https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900
- https://ubuntu.com/security/notices/USN-4639-1
- NVD
- Launchpad
- Debian