4.6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.0%
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.
CPE | Name | Operator | Version |
---|---|---|---|
debian:debian_linux | debian debian linux | eq | 8.0 |
rhn.redhat.com/errata/RHSA-2016-1781.html
rhn.redhat.com/errata/RHSA-2016-1820.html
rhn.redhat.com/errata/RHSA-2016-1821.html
rhn.redhat.com/errata/RHSA-2016-2606.html
www.debian.org/security/2016/dsa-3646
www.securityfocus.com/bid/92435
www.securitytracker.com/id/1036617
access.redhat.com/errata/RHSA-2017:2425
security.gentoo.org/glsa/201701-33
www.postgresql.org/about/news/1688/
www.postgresql.org/docs/current/static/release-9-1-23.html
www.postgresql.org/docs/current/static/release-9-2-18.html
www.postgresql.org/docs/current/static/release-9-3-14.html
www.postgresql.org/docs/current/static/release-9-4-9.html
www.postgresql.org/docs/current/static/release-9-5-4.html
More
4.6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.0%