CVE-2019-12385

An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches (even guest users) can dump any data contained in the database (sessions, hashed passwords, etc.). This may lead to a full compromise of admin accounts, when combined with the weak password generator algorithm used in the lostpassword functionality.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
ampacheampache
𝑥
≤ 3.9.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ampache
groovy
dne
focal
dne
eoan
dne
disco
dne
bionic
dne
xenial
Fixed 3.6-rzb2779+dfsg-0ubuntu9.2
released
trusty
dne
Common Weakness Enumeration
References
https://lists.debian.org/debian-lts-announce/2019/11/msg00008.html
https://www.tarlogic.com/en/blog/vulnerabilities-in-ampache/
https://lists.debian.org/debian-lts-announce/2019/11/msg00008.html
https://www.tarlogic.com/en/blog/vulnerabilities-in-ampache/