Description

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6622

Related Vulnerabilities

WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22)

WordPress Plugin Spryng Payments for WooCommerce Cross-Site Scripting (1.6.7)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.24)

WordPress Plugin Video Embed SQL Injection (1.0)

WordPress Plugin Judge.me Product Reviews for WooCommerce Cross-Site Scripting (1.3.20)

Severity

Medium

Classification

CVE-2016-6622 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities