fkie_cve-2017-7486
Vulnerability from fkie_nvd
Published
2017-05-12 19:29
Modified
2025-04-20 01:37
Summary
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
References
secalert@redhat.comhttp://www.debian.org/security/2017/dsa-3851
secalert@redhat.comhttp://www.securityfocus.com/bid/98460Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.securitytracker.com/id/1038476
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1677
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1678
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1838
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1983
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:2425
secalert@redhat.comhttps://security.gentoo.org/glsa/201710-06
secalert@redhat.comhttps://www.postgresql.org/about/news/1746/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2017/dsa-3851
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/98460Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038476
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1677
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1678
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1838
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1983
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2425
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201710-06
af854a3a-2127-422b-91ae-364da2661108https://www.postgresql.org/about/news/1746/Vendor Advisory
Impacted products
Vendor Product Version
postgresql postgresql 8.4
postgresql postgresql 8.4.1
postgresql postgresql 8.4.2
postgresql postgresql 8.4.3
postgresql postgresql 8.4.4
postgresql postgresql 8.4.5
postgresql postgresql 8.4.6
postgresql postgresql 8.4.7
postgresql postgresql 8.4.8
postgresql postgresql 8.4.9
postgresql postgresql 8.4.10
postgresql postgresql 8.4.11
postgresql postgresql 8.4.12
postgresql postgresql 8.4.13
postgresql postgresql 8.4.14
postgresql postgresql 8.4.15
postgresql postgresql 8.4.16
postgresql postgresql 8.4.17
postgresql postgresql 8.4.18
postgresql postgresql 8.4.19
postgresql postgresql 8.4.20
postgresql postgresql 8.4.21
postgresql postgresql 8.4.22
postgresql postgresql 9.0
postgresql postgresql 9.0.1
postgresql postgresql 9.0.2
postgresql postgresql 9.0.3
postgresql postgresql 9.0.4
postgresql postgresql 9.0.5
postgresql postgresql 9.0.6
postgresql postgresql 9.0.7
postgresql postgresql 9.0.8
postgresql postgresql 9.0.9
postgresql postgresql 9.0.10
postgresql postgresql 9.0.11
postgresql postgresql 9.0.12
postgresql postgresql 9.0.13
postgresql postgresql 9.0.14
postgresql postgresql 9.0.15
postgresql postgresql 9.0.16
postgresql postgresql 9.0.17
postgresql postgresql 9.0.18
postgresql postgresql 9.0.19
postgresql postgresql 9.0.20
postgresql postgresql 9.0.21
postgresql postgresql 9.0.22
postgresql postgresql 9.0.23
postgresql postgresql 9.1
postgresql postgresql 9.1.1
postgresql postgresql 9.1.2
postgresql postgresql 9.1.3
postgresql postgresql 9.1.4
postgresql postgresql 9.1.5
postgresql postgresql 9.1.6
postgresql postgresql 9.1.7
postgresql postgresql 9.1.8
postgresql postgresql 9.1.9
postgresql postgresql 9.1.10
postgresql postgresql 9.1.11
postgresql postgresql 9.1.12
postgresql postgresql 9.1.13
postgresql postgresql 9.1.14
postgresql postgresql 9.1.15
postgresql postgresql 9.1.16
postgresql postgresql 9.1.17
postgresql postgresql 9.1.18
postgresql postgresql 9.1.19
postgresql postgresql 9.1.20
postgresql postgresql 9.1.21
postgresql postgresql 9.1.22
postgresql postgresql 9.1.23
postgresql postgresql 9.1.24
postgresql postgresql 9.2
postgresql postgresql 9.2.1
postgresql postgresql 9.2.2
postgresql postgresql 9.2.3
postgresql postgresql 9.2.4
postgresql postgresql 9.2.5
postgresql postgresql 9.2.6
postgresql postgresql 9.2.7
postgresql postgresql 9.2.8
postgresql postgresql 9.2.9
postgresql postgresql 9.2.10
postgresql postgresql 9.2.11
postgresql postgresql 9.2.12
postgresql postgresql 9.2.13
postgresql postgresql 9.2.14
postgresql postgresql 9.2.15
postgresql postgresql 9.2.16
postgresql postgresql 9.2.17
postgresql postgresql 9.2.18
postgresql postgresql 9.2.19
postgresql postgresql 9.2.20
postgresql postgresql 9.2.21
postgresql postgresql 9.3
postgresql postgresql 9.3.1
postgresql postgresql 9.3.2
postgresql postgresql 9.3.3
postgresql postgresql 9.3.4
postgresql postgresql 9.3.5
postgresql postgresql 9.3.6
postgresql postgresql 9.3.7
postgresql postgresql 9.3.8
postgresql postgresql 9.3.9
postgresql postgresql 9.3.10
postgresql postgresql 9.3.11
postgresql postgresql 9.3.12
postgresql postgresql 9.3.13
postgresql postgresql 9.3.14
postgresql postgresql 9.3.15
postgresql postgresql 9.3.16
postgresql postgresql 9.3.17
postgresql postgresql 9.4
postgresql postgresql 9.4.1
postgresql postgresql 9.4.2
postgresql postgresql 9.4.3
postgresql postgresql 9.4.4
postgresql postgresql 9.4.5
postgresql postgresql 9.4.6
postgresql postgresql 9.4.7
postgresql postgresql 9.4.8
postgresql postgresql 9.4.9
postgresql postgresql 9.4.10
postgresql postgresql 9.4.11
postgresql postgresql 9.4.12
postgresql postgresql 9.5
postgresql postgresql 9.5.1
postgresql postgresql 9.5.2
postgresql postgresql 9.5.3
postgresql postgresql 9.5.4
postgresql postgresql 9.5.5
postgresql postgresql 9.5.6
postgresql postgresql 9.5.7
postgresql postgresql 9.6



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F30CA60-0A82-45CD-8044-CE245393593D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C991F71-1E27-47A6-97DC-424FC3EF6011",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5740C7AA-1772-41D8-9851-3E3669CD8521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "970338CD-A680-4DD0-BD27-459B0DDA4002",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A99C579D-44C0-40A4-A4EB-CBCF40D0C2FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E9E57FA-5EAE-4698-992D-146C6310E0B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C66CDEC1-FB2E-49B7-A8BE-38E43C8ED652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DF2937-9C51-4768-BAB1-901BCA636ADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "515C0ECD-2D95-4B6E-8E2F-DAF94E4A310F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0EB754-7A71-40FA-9EAD-44914EB758C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1089D316-D5A3-4F2D-9E52-57FD626A1D06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F17D9158-E85A-4436-9180-E8546CF8F290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "64CBBE6E-8FDA-46AD-96A9-8C6CFFE97ABC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A0D13E-6B06-42E9-BEB9-C8FCC3A4E2ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB79FB06-4712-4DE8-8C0B-5CEE8530828D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7054A3D4-8C52-4636-B135-1078B8DF1D5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6763B2A-00C4-4AAB-8769-9AAEE4BAA603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "5618200C-91E9-4501-8585-039A4629E072",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DD7B25B-F29A-4B73-B63B-F00DD9E9BC84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CEF48E4-FB94-497F-8A33-19217A0F092E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "19496ADE-E995-4D22-8635-A7C94EBD8F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D38EDA4-67CA-449A-B7FC-33CCD63698AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC8A4B8-BDFE-46AE-BF7D-7B3FA7FE63F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD4DE67-9E3C-4F79-8AAB-344C1C46C618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB718D2-97AA-4D61-AA4B-2216EEF55F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "605C06BF-54A0-40F8-A01E-8641B4A83035",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F1F5B75-78D5-408E-8148-CA23DCED9CBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "88DE8C27-0E0A-4428-B25D-054D4FC6FEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F609DDE4-0858-4F83-B8E6-7870196E21CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "349F02AF-013E-4264-9717-010293A3D6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "047926F2-846A-4870-9640-9A4F2804D71B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB0165D8-0BFA-4D46-95A3-45A03DC086FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D6CF6A0-43DC-4C64-A3C4-01EB36F6672B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8251C0-9CAE-4608-BC11-75646A601408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC024E5D-122D-4E3D-AD24-759AB5940F20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "723336B5-405A-4236-A507-2C26E591CF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C9E11A8-2B28-4A6B-BC04-4C556CFA2B56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "32EF44F0-183E-4375-849A-2E6CD65D395F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "380657D1-F847-4D71-B0C7-D055117E49E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B12EFB2-9856-41CC-9BD6-A93E4ED115BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "48139AE4-24AC-4FE6-B26E-D39C0331CC00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FF4A48-2D26-41FA-9187-ABA7EF2B0B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D7F267-4B3C-4E3D-B1D5-52C15BED1873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF8340B6-D85C-4928-BC74-217F5BBEC57D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A6F564A-3496-4165-9648-9701FDA6A617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "087FBDA0-0970-43A4-A621-DB733C62BE8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "F134BFAA-DAE2-4888-AE58-6362BAE57EA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4796DBEC-FF4F-4749-90D5-AD83D8B5E086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79108278-D644-4506-BD9C-F464C6E817B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "10CF0AA0-41CD-4D50-BA7A-BF8846115C95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "965E1A9D-BB23-4C0B-A9CA-54A1855055B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1F37C66-0AFE-4D59-8867-BDBCE656774E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CE53AE6-232C-4068-98D1-7749007C3CFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFD38139-FD17-41E7-8D10-7731D8203CFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC0B41F-38FF-4D41-9E31-D666A84BB2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A591CB08-5CEB-45EB-876F-417DCD60AF53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0B79735-4CF5-4038-9FC4-12A58790B15A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A74DAF9-516D-44BC-B09A-73395EF72873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B58318BE-FB71-4183-A1F4-5FD207885A89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D931436-34EB-4C42-8F2B-713662DF6627",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2289C7-7E77-41E7-94A6-44B1F9F17CB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DDEEEC-492D-4F45-B009-3642887843BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F676407-46E1-4737-9162-0E6AB1D3E8AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F203450-E642-4B22-987E-4F128D8882B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A693598-9233-402C-8C14-6A7AD5CE71ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "30385E70-95EB-4040-A45C-118D142067E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD7471D-E6D7-41F6-8754-78ABFC72074E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "2333E8E4-C769-42B3-8F04-A5FA61515C9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1D8D008-C4D9-4D24-9524-83BE68192C1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD3341-4D4F-4B66-885F-A8723D1E1F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE48BA12-4BF9-4558-996F-20D401FF09D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39D4A7C-C801-44CD-8E47-E02F8E62AF65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD27648F-E2FF-4779-97F9-2632DCC6B16D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFB4916-8B59-4534-804C-CF9DA1B18508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3413A3AB-45A3-48E1-9B30-1194C4E7D49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5760CE83-4802-42A0-9338-E1E634882450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B41009E-4028-4D82-B8D0-8B949EDC0A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "832F3EBE-A92C-4FB3-BF3C-0E7B750F966B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1571EE80-55A6-4F91-909B-C46BA19EC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2848E3BC-293A-4A75-BEB7-C2F1637AD3E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC9133E-94FC-4199-BD69-BBB46CF3799F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "200172CE-40AB-49E3-93D1-9947E3CBFFF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90B21A9-19A7-4DCB-A2FE-C558CCB6BBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "924D1F84-EC50-44C3-A156-DC8E3A5E3909",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A5EAF3B-B148-4B57-8E4E-0B5365003DFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5CE8DB4-CD97-4F60-9080-9FB093BD60CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B5AA780-4378-4959-9256-510C65E6E5B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "74C9EB31-5D8E-4583-BC95-700F53854964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3700FF66-108C-47C2-B4C2-1CB0B5575EDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "239F26B4-CFB2-4D7A-939E-0215A336A490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C32070D-D751-4D3E-9457-5B1D1C551E70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BADABD34-25A1-46D3-AEFB-249E912A723A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C53E81C9-5693-4929-BC19-DEBAEF686E0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "52B92B02-44DD-40D4-94F7-A3EE4621D854",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B890251-95EB-44F3-A6A7-F718F3C807B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E5BD02-8C3D-4687-88DE-1C00366270E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "709F5DF9-9F3A-42C3-890B-521B13118C0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D85A34-C897-4E52-8F97-18CA51C5461A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40DAD2B-A6D4-43D8-B282-A3C672356D6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2FE391-9414-480E-A9B1-CF70280E315E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B6A4ED-FA3B-4251-BF82-755F95277CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7142DF3-124D-43D7-ADD9-70F4F7298557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DEA438-A0ED-49DC-AE51-4E9D8D4B6E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "810B184F-6FB8-48D8-A569-F47BA43C4862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "064BF155-7E2D-47B9-BD2B-C6E9FC06F5FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "676A81BD-7EEE-4770-B9AC-451B09844D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F23D38-BDD6-48E6-A6B2-29CD962EED99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "89833234-3890-4E2E-8FCF-09925D83ED67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8F3ACC3-CB15-47E3-A511-E1D1F75E797F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6FD785-7C9F-4302-B7ED-93CA04473ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1BA72C-3A6E-450B-A3DE-3898DEAA9225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FB6018C-3FC5-4D4E-BA7C-07C0A3B47976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D1323D-3096-4D0F-823A-ECAC9017646D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A587AF3-5E70-4455-8621-DFD048207DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "526AFF26-B3EC-41C3-AC4C-85BFA3F99AC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "89D2CAB7-C3D9-4F21-B902-2E498D00EFEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "88797795-8B1C-455F-8C52-6169B2E47D53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBDE0CC8-F1DF-4723-8FCB-9A33EA8B12D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "90F13667-019B-49DF-929C-3D376FCDE6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9E20AA3-C0D3-492C-AF3B-9F61550E6983",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "251C78CA-EEC0-49A8-A3D2-3C86D16CCB7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB443A75-2466-4164-A71B-9203933CB0D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B02839D4-EE7D-4D42-8934-322E46B643D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1BAE807-A21F-4980-B64E-911F5E9B16BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "46ED9A2E-8169-4470-AE61-54829B11BDAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF7FC5B-C9E3-4109-B3D6-9AC06F75DCB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C15A86-9ED9-492E-877B-86963DAA761A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF74623-EF0E-455D-ADEB-9E336B539D86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FACD7AB7-34E9-4DFC-A788-7B9BF745D780",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E8AEBB-9968-458D-8EE4-2725BBE1A53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECC17E6-C5FF-4B63-807A-26E5E6932C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DB72357-B16D-488A-995C-2703CCEC1D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9671475-BC67-436F-B2B1-5128347B3C64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7040466B-2A7D-4E75-8E4F-FA70D4A7E014",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server."
    },
    {
      "lang": "es",
      "value": "Las versiones 8.4 a 9.6 de PostgreSQL son vulnerables a un filtrado de informaci\u00f3n en la vista pg_user_mappings que revela contrase\u00f1as de servidores extranjeros a cualquier usuario que tenga privilegio USAGE en el servidor extranjero asociado."
    }
  ],
  "id": "CVE-2017-7486",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-12T19:29:00.270",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2017/dsa-3851"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98460"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1038476"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1677"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1678"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1983"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:2425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/201710-06"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.postgresql.org/about/news/1746/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201710-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.postgresql.org/about/news/1746/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…