CVE Vulnerabilities

CVE-2014-4987

Published: Jul 20, 2014 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.

Affected Software

Name Vendor Start Version End Version
Opensuse Opensuse 12.3 (including) 12.3 (including)
Opensuse Opensuse 13.1 (including) 13.1 (including)
Phpmyadmin Ubuntu esm-infra-legacy/trusty *
Phpmyadmin Ubuntu lucid *
Phpmyadmin Ubuntu precise *
Phpmyadmin Ubuntu trusty *
Phpmyadmin Ubuntu trusty/esm *
Phpmyadmin Ubuntu upstream *

References