CVE-2017-18264

{"id": "CVE-2017-18264", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-05-01T17:29:00.237", "references": [{"url": "http://www.securityfocus.com/bid/97211", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.phpmyadmin.net/security/PMASA-2017-8/", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions (e.g., version 5). This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default). This occurs because some implementations of the PHP substr function return false when given '' as the first argument."}, {"lang": "es", "value": "Se ha descubierto un problema en libraries/common.inc.php en phpMyAdmin en versiones 4.0 anteriores a la 4.0.10.20, 4.4.x, 4.6.x y 4.7.0 \"prereleases\". Las restricciones causadas por $cfg['Servers'][$i]['AllowNoPassword'] = false se omiten en determinadas versiones PHP (por ejemplo, la versi\u00f3n 5). Esto puede permitir que inicien sesi\u00f3n los usuarios que no tengan una contrase\u00f1a establecida incluso si el administrador tiene establecido $cfg['Servers'][$i]['AllowNoPassword'] en \"false\" (que es tambi\u00e9n el valor por defecto). Esto ocurre porque determinadas implementaciones de la funci\u00f3n de PHP substr devuelven el valor \"falso\" cuando se proporciona el car\u00e1cter \" como primer argumento."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55082B30-4479-44A1-BF12-28833A589B50", "versionEndExcluding": "4.0.10.20", "versionStartIncluding": "4.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "928D191C-A3A7-4DEE-87AF-CF2A03295798", "versionEndIncluding": "4.4.15.10", "versionStartIncluding": "4.4.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F21A70D3-CFF3-4A41-82BC-9EA2D7A190B6", "versionEndIncluding": "4.6.6", "versionStartIncluding": "4.6.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02F545DB-D076-4FFB-8169-3E59D367D381"}, {"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75C9463D-85A0-4B8C-A2EA-0C18381E3C2E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}