SB2025030402 - VMware Tanzu Greenplum update for third-party components

Description

This security bulletin contains information about 2 vulnerabilities.

1) Improper Privilege Management (CVE-ID: CVE-2024-0985)

CWE-ID: CWE-269 - Improper Privilege Management

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote user to escalate privileges within the database.

The vulnerability exists due to late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY. A remote user who is an object creator can execute arbitrary SQL functions as the command issuer.

2) Use of Potentially Dangerous Function (CVE-ID: CVE-2023-7101)

CWE-ID: CWE-676 - Use of Potentially Dangerous Function

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper input validation when parsing Excel files. A remote attacker can pass a specially crafted file to the application and execute arbitrary code on the system.

Remediation

Install update from vendor's website.

References

• https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25466
• https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-greenplum/7/greenplum-database/relnotes-release-notes.html