CVE-2015-3902 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-3902 Interim 1 8 2023-12-08T02:12:47Z current 2021-05-30T13:30:14Z 2023-12-08T02:12:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-3902 Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed phpMyAdmin-4.6.5.2-1.1 phpMyAdmin-4.6.5.2-1.1 as a component of openSUSE Tumbleweed Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file. CVE-2015-3902 openSUSE Tumbleweed:phpMyAdmin-4.6.5.2-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P