CVE-2017-12419

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-12419
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12419.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-12419
Published
2017-08-05T15:29:00Z
Modified
2024-09-03T01:39:27.691939Z
Severity
  • 4.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
[none]
Details

If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has the local_infile setting enabled (mysqli.allow_local_infile in php.ini, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server.

References

Affected packages

Git / github.com/mantisbt/mantisbt

Affected ranges

Type
GIT
Repo
https://github.com/mantisbt/mantisbt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Type
GIT
Repo
https://github.com/mariadb-corporation/mariadb-connector-nodejs
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

0.*

0.7.0

2.*

2.0.0-alpha
2.0.1-beta
2.0.2-rc
2.0.3
2.0.4
2.0.5
2.1.0
2.1.1
2.1.2
2.1.3
2.1.4
2.1.5
2.2.0
2.3.0
2.3.1
2.4.0
2.4.1
2.4.2
2.5.0
2.5.1
2.5.2