CVE-2016-9863

{"id": "CVE-2016-9863", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-12-11T03:00:04.917", "references": [{"url": "http://www.securityfocus.com/bid/94526", "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/201701-32", "source": "cve@mitre.org"}, {"url": "https://www.phpmyadmin.net/security/PMASA-2016-68", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/94526", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201701-32", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.phpmyadmin.net/security/PMASA-2016-68", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en phpMyAdmin. Con una petici\u00f3n muy grande para la funci\u00f3n de particionamiento de tabla, es posible invocar un ataque de denegaci\u00f3n de servicio (DoS). Todas las versiones 4.6.x (anteriores a 4.6.5) est\u00e1n afectadas."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C641F362-D37D-47CB-BE6C-36E5F116F844"}, {"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85631B69-7060-42D1-AE24-466BA10EB390"}, {"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E62EDC79-47AA-4CED-AB7F-1E4D158EB653"}, {"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0B800AA-6290-4032-AA17-21025A19C392"}, {"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "230D3D61-B090-49FA-91B1-9FA4DD2C6209"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}