CVE-2011-1941
medium
CVSS v3
—
CVSS v2
4.3
VIR risk
4.3
Description
phpMyAdmin Open Redirect in redirector
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2011-1941
Vendor advisory: secalert@redhat.com — http://www.phpmyadmin.net/home_page/security/PMASA-2011-4.php
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 4:3.4.1-1 |
| debian | bullseye | fixed | 4:3.4.1-1 |
| debian | sid | fixed | 4:3.4.1-1 |
| debian | trixie | fixed | 4:3.4.1-1 |
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | phpmyadmin/phpmyadmin | >=3.4.0,<3.4.1 | 3.4.1 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| phpmyadmin | phpmyadmin | 3.4.0.0 | |
References
- http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
- http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
- http://www.phpmyadmin.net/home_page/security/PMASA-2011-4.php
- https://security-tracker.debian.org/tracker/CVE-2011-1941
- https://nvd.nist.gov/vuln/detail/CVE-2011-1941
- https://github.com/phpmyadmin/composer/commit/b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
- https://github.com/phpmyadmin/composer/commit/ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
- https://github.com/phpmyadmin/composer
- http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
- http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
CWEs
CWE-20
Verify integrity in audit chain (admin only). AS-IS.