mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
82 lines
2.7 KiB
JSON
82 lines
2.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2021-43008",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://github.com/vrana/adminer/releases/tag/v4.6.3",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/vrana/adminer/releases/tag/v4.6.3"
|
|
},
|
|
{
|
|
"url": "https://www.adminer.org/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.adminer.org/"
|
|
},
|
|
{
|
|
"url": "https://sansec.io/research/adminer-4.6.2-file-disclosure-vulnerability",
|
|
"refsource": "MISC",
|
|
"name": "https://sansec.io/research/adminer-4.6.2-file-disclosure-vulnerability"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://podalirius.net/en/cves/2021-43008/",
|
|
"url": "https://podalirius.net/en/cves/2021-43008/"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[debian-lts-announce] 20220513 [SECURITY] [DLA 3002-1] adminer security update",
|
|
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00012.html"
|
|
}
|
|
]
|
|
}
|
|
} |