{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2016-6606","title":"Title"},{"category":"description","text":"An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector (IV) is used to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as their username, an attacker who examines the browser cookie can see that they are the same - but the attacker can not directly decode these values from the cookie as it is still hashed. \nAll 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2016-6606","url":"https://www.suse.com/security/cve/CVE-2016-6606"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 994313 for CVE-2016-6606","url":"https://bugzilla.suse.com/994313"},{"category":"external","summary":"Advisory link for openSUSE-SU-2016:2168-1","url":"https://lists.opensuse.org/opensuse-security-announce/2016-08/msg00047.html"},{"category":"external","summary":"Advisory link for openSUSE-SU-2016:2176-1","url":"https://lists.opensuse.org/opensuse-updates/2016-08/msg00111.html"}],"title":"SUSE CVE CVE-2016-6606","tracking":{"current_release_date":"2023-02-15T04:59:19Z","generator":{"date":"2023-02-15T04:59:19Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2016-6606","initial_release_date":"2023-02-15T04:59:19Z","revision_history":[{"date":"2023-02-15T04:59:19Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"openSUSE Tumbleweed","product":{"name":"openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed","product_identification_helper":{"cpe":"cpe:/o:opensuse:tumbleweed"}}},{"category":"product_version","name":"phpMyAdmin-4.6.5.2-1.1","product":{"name":"phpMyAdmin-4.6.5.2-1.1","product_id":"phpMyAdmin-4.6.5.2-1.1","product_identification_helper":{"cpe":"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5.2:*:*:*:*:*:*:*"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"phpMyAdmin-4.6.5.2-1.1 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:phpMyAdmin-4.6.5.2-1.1"},"product_reference":"phpMyAdmin-4.6.5.2-1.1","relates_to_product_reference":"openSUSE Tumbleweed"}]},"vulnerabilities":[{"cve":"CVE-2016-6606","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6606"}],"notes":[{"category":"general","text":"An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector (IV) is used to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as their username, an attacker who examines the browser cookie can see that they are the same - but the attacker can not directly decode these values from the cookie as it is still hashed. \nAll 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.","title":"Vulnerability description"}],"product_status":{"fixed":["openSUSE Tumbleweed:phpMyAdmin-4.6.5.2-1.1"]},"references":[{"category":"external","summary":"CVE-2016-6606","url":"https://www.suse.com/security/cve/CVE-2016-6606"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 994313 for CVE-2016-6606","url":"https://bugzilla.suse.com/994313"},{"category":"external","summary":"Advisory link for openSUSE-SU-2016:2168-1","url":"https://lists.opensuse.org/opensuse-security-announce/2016-08/msg00047.html"},{"category":"external","summary":"Advisory link for openSUSE-SU-2016:2176-1","url":"https://lists.opensuse.org/opensuse-updates/2016-08/msg00111.html"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:phpMyAdmin-4.6.5.2-1.1"]}],"scores":[{"cvss_v3":{"baseScore":8.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["openSUSE Tumbleweed:phpMyAdmin-4.6.5.2-1.1"]}],"threats":[{"category":"impact","date":"2016-08-18T02:47:23Z","details":"moderate"}],"title":"CVE-2016-6606"}]}