Cookie Encryption Vulnerability in phpMyAdmin
CVE-2016-6606

8.1HIGH

Key Information:

Vendor

PHPmyadmin
Status
PHPmyadmin
Vendor
CVE Published:
11 December 2016

What is CVE-2016-6606?

A flaw exists in the cookie encryption mechanism within phpMyAdmin that makes it susceptible to padding oracle attacks. This vulnerability enables an attacker with access to a user's browser cookie file to decrypt sensitive information, namely the username and password. A significant concern arises from the re-use of the same initialization vector (IV) for hashing the username and password together in the phpMyAdmin cookie. If a user's password matches their username, an attacker who examines the cookie can easily deduce this correlation, even if they cannot directly decode the hash. Affected versions include phpMyAdmin 4.6.x (before 4.6.4), 4.4.x (before 4.4.15.8), and 4.0.x (before 4.0.10.17).

References

https://www.phpmyadmin.net/security/PMASA-2016-29
x_refsource_CONFIRM
http://www.securityfocus.com/bid/94114
vdb-entryx_refsource_BID
https://security.gentoo.org/glsa/201701-32
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.