CVE-2021-21311 Scanner
Detects a Server-Side Request Forgery (SSRF) vulnerability in Adminer (an open-source project) that affects versions from 4.0.0 up to, but not including, 4.7.9.
Short Info
Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month
Scan only one: URL
Adminer is an open-source database management tool distributed as a single PHP file. It is very popular among developers due to its simplicity and ease of use, and lets users manage their databases with just a few clicks. Adminer supports almost all major databases, including MySQL, PostgreSQL, Oracle, SQLite, and MS SQL. It can be used to edit tables and to create and delete columns, indexes, and entire tables. Users can also manage events, triggers, and views. In short, Adminer is an all-in-one solution for database management.
CVE-2021-21311 is a server-side request forgery (SSRF) vulnerability in Adminer versions from 4.0.0 to 4.7.8. SSRF lets an attacker cause the server to send requests to third-party websites. By exploiting this vulnerability, attackers can use the server to send malicious requests to different websites. These requests may include sensitive information such as passwords, or may cause damage to the target website.
Exploiting this vulnerability can lead to serious security issues. If a hacker can send malicious requests to a third-party website using the server, they could potentially steal sensitive information, cause website crashes, or perform other malicious activities. The primary risk of this vulnerability is that it could lead to the website's total downtime or data leakage.
In conclusion, it is critical to be aware of security vulnerabilities and take proactive measures to ensure the security of your digital assets. As an added benefit, s4e.io provides pro features to help you identify vulnerabilities in your digital assets, making it easy for you to take additional steps towards increasing your security posture. By keeping your systems and applications up-to-date and staying informed of the latest vulnerabilities, you can ensure the security and safety of your digital assets.
REFERENCES
- https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351
- https://github.com/vrana/adminer/files/5957311/Adminer.SSRF.pdf
- https://github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6
- https://lists.debian.org/debian-lts-announce/2021/03/msg00002.html
- https://packagist.org/packages/vrana/adminer