CVE-2017-1000016

Опубликовано: 17 июл. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

Ссылки

https://www.phpmyadmin.net/security/PMASA-2017-5
Third Party Advisory
https://www.phpmyadmin.net/security/PMASA-2017-5
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00762

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-1000016

CVSS3: 7.5

ubuntu

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

CVE-2017-1000016

CVSS3: 7.5

debian

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary value ...

GHSA-j2cq-h6v2-f875

CVSS3: 7.5

github

около 3 лет назад

phpMyAdmin Cookie attribute injection attack

EPSS

Процентиль: 72%

0.00762

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20