Red Hat update for postgresql



Published: 2018-12-13 | Updated: 2018-12-17
Risk Medium
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2018-1053
CVE-2018-1058
CVE-2018-10915
CVE-2018-10925
CWE-ID CWE-200
CWE-427
CWE-89
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		CloudForms
Client/Desktop applications / Multimedia software

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU10439

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1053

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

A vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to insufficient security restrictions. A remote attacker can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudForms: 4.6

External links

http://access.redhat.com/errata/RHSA-2018:3816


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Privilege escalation

EUVDB-ID: #VU10810

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1058

CWE-ID: CWE-427 - Uncontrolled Search Path Element

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in the pg_dump function due to improper security restrictions. A local attacker can submit a malicious function in separate namespaces and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudForms: 4.6

External links

http://access.redhat.com/errata/RHSA-2018:3816


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) SQL injection

EUVDB-ID: #VU14326

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10915

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary SQL commands in web application database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted HTTP request to vulnerable script and execute arbitrary SQL commands in web application database.

Successful exploitation of the vulnerability may allow an attacker to gain administrative access to vulnerable web application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudForms: 4.6

External links

http://access.redhat.com/errata/RHSA-2018:3816


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU14327

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10925

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote privileged attacker to obtain potentially sensitive information.

The vulnerability exists due to improper check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". A remote attacker with "CREATE TABLE" privileges can read arbitrary bytes server memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CloudForms: 4.6

External links

http://access.redhat.com/errata/RHSA-2018:3816


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###