Main Vulnerability Database Vulnerabilities #VU107607

#VU107607 Resource management error in pgAdmin - CVE-2023-1907

Published: April 18, 2025

Vulnerability identifier: #VU107607

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-1907

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
pgAdmin

Software vendor:
PlanGenius Admin

Description

The vulnerability allows a remote attacker to escalate privileges within the application.

The vulnerability exists due to improper management of internal resources within the application. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.redhat.com/show_bug.cgi?id=2218384
https://github.com/advisories/GHSA-7w6r-748w-mh52

#VU107607 Resource management error in pgAdmin - CVE-2023-1907

Description

Remediation

External links

Please verify you're human