CVE-2017-12419

If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server.

Published: Aug 5, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-12419
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
mantisbt / mantisbt	2.5.2	2.5.2.x

http://openwall.com/lists/oss-security/2017/08/04/6
http://www.securityfocus.com/bid/100142
https://mantisbt.org/bugs/view.php?id=23173

Vulnerability Database

289,697

CVE-2017-12419