CVE-2016-6614

Description

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

How to fix CVE-2016-6614

To remediate CVE-2016-6614, upgrade the affected package to a fixed version below.

—upgrade to 4.4.15.8-r0 or later
—upgrade to 4:4.6.4+dfsg1-1 or later

Is CVE-2016-6614 being exploited?

Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 4.4.15.8-r0
from 0, < 4:4.6.4+dfsg1-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.8	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

References (2)

ADVISORYsecurity.alpinelinux.org/vuln/CVE-2016-6614
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2016-6614