CVE-2020-10802 – This SQL injection vulnerability in phpMyAdmin ... (How to Fix)

Q: What is the severity of CVE-2020-10802?

CVE-2020-10802 has a CVSS score of 8.0 (HIGH). This SQL injection vulnerability in phpMyAdmin allows attackers to execute arbitrary SQL queries by crafting malicious database or table names. Users running affected versions who perform search operations on these malicious databases/tables are vulnerable. The vulnerability stems from improper escaping of parameters in search functionality.

📋 TL;DR

This SQL injection vulnerability in phpMyAdmin allows attackers to execute arbitrary SQL queries by crafting malicious database or table names. Users running affected versions who perform search operations on these malicious databases/tables are vulnerable. The vulnerability stems from improper escaping of parameters in search functionality.

💻 Affected Systems

Products:

phpMyAdmin

Versions: 4.x before 4.9.5, 5.x before 5.0.2

Operating Systems: All operating systems running phpMyAdmin

Default Config Vulnerable: ⚠️ Yes

Notes: Requires user interaction - victim must perform search operations on malicious database/table names crafted by attacker.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, modification, deletion, or potential server takeover via SQL injection leading to remote code execution.

🟠

Likely Case

Unauthorized data access, data manipulation, privilege escalation within the database, and potential information disclosure.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions in place.

🌐 Internet-Facing: HIGH - phpMyAdmin is commonly exposed to the internet for database management, making it a prime target.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this to escalate privileges or move laterally.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires attacker to create malicious database/table names and victim to perform search operations on them. Multiple security advisories indicate active awareness.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.9.5 for 4.x branch, 5.0.2 for 5.x branch

Vendor Advisory: https://www.phpmyadmin.net/security/PMASA-2020-2/

Restart Required: No

Instructions:

1. Backup your phpMyAdmin configuration and database. 2. Download latest patched version from phpmyadmin.net. 3. Replace existing phpMyAdmin files with patched version. 4. Clear browser cache and verify functionality.

🔧 Temporary Workarounds

Restrict Database/Table Creation

all

Limit database/table creation privileges to trusted administrators only

GRANT CREATE ON *.* TO 'admin_user'@'localhost';
REVOKE CREATE ON *.* FROM 'regular_user'@'%';

Disable Search Functionality

all

Temporarily disable table search functionality in phpMyAdmin configuration

Add $cfg['Servers'][$i]['AllowUserDropDatabase'] = false; to config.inc.php

🧯 If You Can't Patch

Implement strict input validation for database and table names
Restrict phpMyAdmin access to trusted IP addresses only using .htaccess or firewall rules

🔍 How to Verify

Check if Vulnerable:

Check phpMyAdmin version in the interface footer or via version.php file

Check Version:

grep -i 'version' /path/to/phpmyadmin/libraries/classes/Version.php | head -1

Verify Fix Applied:

Verify version is 4.9.5 or higher for 4.x branch, or 5.0.2 or higher for 5.x branch

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple failed search attempts
Database/table creation from unexpected sources

Network Indicators:

SQL error messages in HTTP responses
Unusual patterns in phpMyAdmin search requests

SIEM Query:

source="phpmyadmin.log" AND ("SQL syntax" OR "You have an error in your SQL syntax")

📊 Metadata

CVE ID: CVE-2020-10802

CVSS v3 Score: 8.0 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-89

Published: March 22, 2020

Last Updated: November 21, 2024

🔗 References

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html Mailing List,Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html Mailing List,Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
https://www.phpmyadmin.net/security/PMASA-2020-3/ Patch,Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html Mailing List,Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html Mailing List,Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
https://www.phpmyadmin.net/security/PMASA-2020-3/ Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-10802, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Backports Sle by Opensuse

Backports Sle by Opensuse

Debian Linux by Debian

Fedora by Fedoraproject

Fedora by Fedoraproject

Fedora by Fedoraproject

Leap by Opensuse

Package Hub by Suse

Phpmyadmin by Phpmyadmin

Phpmyadmin by Phpmyadmin

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict Database/Table Creation

Disable Search Functionality

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities