CVE-2021-43008

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-43008

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-43008.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-43008

Aliases

GHSA-rxfq-3vpc-vv72

Related

Published

2022-04-05T02:15:06Z

Modified

2024-09-18T03:16:42.498261Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.

References

Affected packages

Debian:11 / adminer

Package

Name: adminer
Purl: pkg:deb/debian/adminer?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.6.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / adminer

Package

Name: adminer
Purl: pkg:deb/debian/adminer?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.6.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / adminer

Package

Name: adminer
Purl: pkg:deb/debian/adminer?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.6.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/vrana/adminer

Affected ranges

Type: GIT
Repo: https://github.com/vrana/adminer
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

7cb3e768bbd34f4b01aa9a2b7fac1c7224a02b37

Affected versions

v3.*

v3.0.0

v3.0.1

v3.1.0

v3.2.0

v3.2.1

v3.2.2

v3.3.0

v3.3.1

v3.3.2

v3.3.3

v3.3.4

v3.4.0

v3.5.0

v3.5.1

v3.6.0

v3.6.1

v3.6.2

v3.6.3

v3.6.4

v3.7.0

v3.7.1

v4.*

v4.0.0

v4.0.1

v4.0.2

v4.0.3

v4.1.0

v4.2.0

v4.2.1

v4.2.2

v4.2.3

v4.2.4

v4.2.5

v4.3.0

v4.3.1

v4.4.0

v4.5.0

v4.6.0

v4.6.1

v4.6.2