CVE Vulnerabilities

CVE-2014-4987

Published: Jul 20, 2014 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.

Affected Software

Name Vendor Start Version End Version
Opensuse Opensuse 12.3 12.3
Opensuse Opensuse 13.1 13.1
Phpmyadmin Ubuntu lucid *
Phpmyadmin Ubuntu precise *
Phpmyadmin Ubuntu trusty *
Phpmyadmin Ubuntu trusty/esm *
Phpmyadmin Ubuntu upstream *

References