phpMyAdmin Authentication Bypass Vulnerability in Specific PHP Versions
CVE-2017-18264
Summary
An issue has been identified in phpMyAdmin: the setting $cfg['Servers'][$i]['AllowNoPassword'], which is meant to prevent users without a password from logging in, can be circumvented under certain PHP versions (for example, PHP 5). Even when AllowNoPassword is configured to disallow such logins, authentication of a user with an empty password can still succeed. The cause is the behavior of PHP's substr() function in those versions: given an empty string as its first argument it returns the boolean false rather than an empty string, so a submitted empty password is not recognized as empty by the check and the login proceeds. Because the flaw can grant unauthorized access to the database server, affected installations should be updated promptly.
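The following snippet is an added illustration of the mechanism described above; it is not phpMyAdmin's code, and the helper names, the offset-based password extraction and the sample input are all constructed for the example. It shows how a check written as a strict comparison against '' is silently skipped when substr() hands back false, and a hardened form of the same check that normalizes the value to a string first.

```php
<?php
// Added example, not phpMyAdmin's code. Run it under PHP 5.x to see
// the bypass, and under PHP 7.0+ or 8.x to see the check hold.

/**
 * Hypothetical helper: recover the password from a raw value that
 * carries a fixed-length prefix, using substr() from that offset.
 *
 * PHP 5.x: substr() returns bool(false) when the string is no longer
 * than $offset (so substr('', 0) is false, not '').
 * PHP 7.0+: returns '' when strlen($raw) == $offset.
 * PHP 8.0+: never returns false.
 */
function extractPassword($raw, $offset)
{
    return substr($raw, $offset);
}

/**
 * Vulnerable check: a strict comparison against the empty string.
 * When $password is false, false === '' is false, so the "no password"
 * branch is never taken and the login is allowed.
 */
function loginAllowedVulnerable($password, $allowNoPassword)
{
    if (!$allowNoPassword && $password === '') {
        return false; // empty password rejected
    }
    return true;
}

/**
 * Hardened check: only a string is a password, so coerce anything else
 * to '' before testing its length. Do not use empty() here: it would
 * also reject the legitimate password "0".
 */
function loginAllowedHardened($password, $allowNoPassword)
{
    $password = is_string($password) ? $password : '';
    if (!$allowNoPassword && strlen($password) === 0) {
        return false; // empty (or non-string) password rejected
    }
    return true;
}

// Constructed scenario: AllowNoPassword is disabled and the login form
// submitted an empty password.
$allowNoPassword = false;
$submitted = extractPassword('', 0);

var_dump($submitted);
var_dump(loginAllowedVulnerable($submitted, $allowNoPassword));
var_dump(loginAllowedHardened($submitted, $allowNoPassword));
```

Under PHP 5 the first var_dump reports bool(false) and the vulnerable check returns true, so the empty password is accepted despite the configuration; the hardened check returns false on every PHP version. Note that if the false value is passed on to the database driver it is coerced to the empty string, so the connection attempt is made with no password at all, which is exactly what AllowNoPassword was supposed to prevent.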