Multiple vulnerabilities in PostgreSQL



Published: 2020-11-16
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2020-25695
CVE-2020-25694
CVE-2020-25696
CWE-ID CWE-89
CWE-284
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
PostgreSQL
Server applications / Database software

Vendor PostgreSQL Global Development Group

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) SQL injection

EUVDB-ID: #VU48436

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-25695

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

PostgreSQL: 13.0, 12.0 - 12.4, 11.0 - 11.9, 10.0 - 10.14, 9.6.0 - 9.6.19, 9.5.0 - 9.5.23


CPE2.3 External links

http://bugzilla.redhat.com/show_bug.cgi?id=1894425
http://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Improper access control

EUVDB-ID: #VU48437

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-25694

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker can perform a man-in-the-middle attack or observe clear-text transmissions and downgrade connection security settings.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

PostgreSQL: 13.0, 12.0 - 12.4, 11.0 - 11.9, 10.0 - 10.14, 9.6.0 - 9.6.19, 9.5.0 - 9.5.23


CPE2.3 External links

http://bugzilla.redhat.com/show_bug.cgi?id=1894423
http://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Input validation error

EUVDB-ID: #VU48438

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-25696

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the "\gset" meta-command does not distinguish variables that control psql behavior. A remote attacker can execute arbitrary code as the operating system account.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

PostgreSQL: 13.0, 11.0 - 11.9, 10.0 - 10.14, 9.6.0 - 9.6.19, 9.5.0 - 9.5.23, 12.0 - 12.4


CPE2.3 External links

http://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###