CVE Vulnerabilities

CVE-2015-3903

Published: May 26, 2015 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Software

Name Vendor Start Version End Version
Phpmyadmin Phpmyadmin 4.0.0 (including) 4.0.0 (including)
Phpmyadmin Phpmyadmin 4.0.0-rc2 (including) 4.0.0-rc2 (including)
Phpmyadmin Phpmyadmin 4.0.0-rc3 (including) 4.0.0-rc3 (including)
Phpmyadmin Phpmyadmin 4.0.1 (including) 4.0.1 (including)
Phpmyadmin Phpmyadmin 4.0.2 (including) 4.0.2 (including)
Phpmyadmin Phpmyadmin 4.0.3 (including) 4.0.3 (including)
Phpmyadmin Phpmyadmin 4.0.4 (including) 4.0.4 (including)
Phpmyadmin Phpmyadmin 4.0.4.1 (including) 4.0.4.1 (including)
Phpmyadmin Phpmyadmin 4.0.4.2 (including) 4.0.4.2 (including)
Phpmyadmin Phpmyadmin 4.0.5 (including) 4.0.5 (including)
Phpmyadmin Phpmyadmin 4.0.6 (including) 4.0.6 (including)
Phpmyadmin Phpmyadmin 4.0.7 (including) 4.0.7 (including)
Phpmyadmin Phpmyadmin 4.0.8 (including) 4.0.8 (including)
Phpmyadmin Phpmyadmin 4.0.9 (including) 4.0.9 (including)
Phpmyadmin Phpmyadmin 4.0.10 (including) 4.0.10 (including)
Phpmyadmin Phpmyadmin 4.0.10.2 (including) 4.0.10.2 (including)
Phpmyadmin Phpmyadmin 4.0.10.5 (including) 4.0.10.5 (including)
Phpmyadmin Phpmyadmin 4.0.10.6 (including) 4.0.10.6 (including)
Phpmyadmin Phpmyadmin 4.0.10.7 (including) 4.0.10.7 (including)
Phpmyadmin Phpmyadmin 4.0.10.8 (including) 4.0.10.8 (including)
Phpmyadmin Phpmyadmin 4.0.10.9 (including) 4.0.10.9 (including)
Phpmyadmin Phpmyadmin 4.2.0 (including) 4.2.0 (including)
Phpmyadmin Phpmyadmin 4.2.1 (including) 4.2.1 (including)
Phpmyadmin Phpmyadmin 4.2.2 (including) 4.2.2 (including)
Phpmyadmin Phpmyadmin 4.2.3 (including) 4.2.3 (including)
Phpmyadmin Phpmyadmin 4.2.4 (including) 4.2.4 (including)
Phpmyadmin Phpmyadmin 4.2.5 (including) 4.2.5 (including)
Phpmyadmin Phpmyadmin 4.2.7 (including) 4.2.7 (including)
Phpmyadmin Phpmyadmin 4.2.7.1 (including) 4.2.7.1 (including)
Phpmyadmin Phpmyadmin 4.2.9.1 (including) 4.2.9.1 (including)
Phpmyadmin Phpmyadmin 4.2.10.1 (including) 4.2.10.1 (including)
Phpmyadmin Phpmyadmin 4.2.11 (including) 4.2.11 (including)
Phpmyadmin Phpmyadmin 4.2.12 (including) 4.2.12 (including)
Phpmyadmin Phpmyadmin 4.2.13.1 (including) 4.2.13.1 (including)
Phpmyadmin Phpmyadmin 4.2.13.2 (including) 4.2.13.2 (including)
Phpmyadmin Phpmyadmin 4.3.0 (including) 4.3.0 (including)
Phpmyadmin Phpmyadmin 4.3.1 (including) 4.3.1 (including)
Phpmyadmin Phpmyadmin 4.3.2 (including) 4.3.2 (including)
Phpmyadmin Phpmyadmin 4.3.3 (including) 4.3.3 (including)
Phpmyadmin Phpmyadmin 4.3.4 (including) 4.3.4 (including)
Phpmyadmin Phpmyadmin 4.3.5 (including) 4.3.5 (including)
Phpmyadmin Phpmyadmin 4.3.6 (including) 4.3.6 (including)
Phpmyadmin Phpmyadmin 4.3.7 (including) 4.3.7 (including)
Phpmyadmin Phpmyadmin 4.3.8 (including) 4.3.8 (including)
Phpmyadmin Phpmyadmin 4.3.9 (including) 4.3.9 (including)
Phpmyadmin Phpmyadmin 4.3.10 (including) 4.3.10 (including)
Phpmyadmin Phpmyadmin 4.3.11 (including) 4.3.11 (including)
Phpmyadmin Phpmyadmin 4.3.12 (including) 4.3.12 (including)
Phpmyadmin Phpmyadmin 4.3.13 (including) 4.3.13 (including)
Phpmyadmin Phpmyadmin 4.4.0 (including) 4.4.0 (including)
Phpmyadmin Phpmyadmin 4.4.1 (including) 4.4.1 (including)
Phpmyadmin Phpmyadmin 4.4.1.1 (including) 4.4.1.1 (including)
Phpmyadmin Phpmyadmin 4.4.3 (including) 4.4.3 (including)
Phpmyadmin Phpmyadmin 4.4.4 (including) 4.4.4 (including)
Phpmyadmin Phpmyadmin 4.4.5 (including) 4.4.5 (including)
Phpmyadmin Phpmyadmin 4.4.6 (including) 4.4.6 (including)
Phpmyadmin Ubuntu esm-infra-legacy/trusty *
Phpmyadmin Ubuntu precise *
Phpmyadmin Ubuntu trusty *
Phpmyadmin Ubuntu trusty/esm *
Phpmyadmin Ubuntu utopic *
Phpmyadmin Ubuntu vivid *

References