PT-2016-7844 · Phpmyadmin+1 · Phpmyadmin+1

E3Amn2L

·

Publicado

2016-12-07

·

Atualizado

2024-06-15

·

CVE-2016-9851

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions phpMyAdmin versions 4.6.x prior to 4.6.5 phpMyAdmin versions 4.4.x prior to 4.4.15.9
Description An issue was discovered that allows bypassing the logout timeout with a crafted request parameter value.
Recommendations For versions 4.6.x prior to 4.6.5, update to version 4.6.5 or later. For versions 4.4.x prior to 4.4.15.9, update to version 4.4.15.9 or later.

Correção

Session Fixation

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-254CWE-384

Identificadores relacionados

ALT-PU-2016-2421
CVE-2016-9851
GHSA-R2VW-P77F-VC27
MGASA-2016-0416
OPENSUSE-SU-2024:10054-1

Produtos afetados

Alt Linux
Phpmyadmin