vulnerability
Alpine Linux: CVE-2016-9849: Vulnerability in Multiple Components
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Dec 11, 2016 | Aug 30, 2017 | Oct 1, 2024 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Dec 11, 2016
Added
Aug 30, 2017
Modified
Oct 1, 2024
Description
An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Solution
alpine-linux-upgrade-phpmyadmin

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.