Lucene search
IBM3E9D830AEE3C4411B9F60654B977C4BA33EDEF6C87713DC825ED7D0B149CF7B0HistoryJul 26, 2021 - 2:44 p.m.
Security Bulletin: PostgreSQL vulnerabilities in IBM Robotic Process Automation with Automation Anywhere - CVE-2021-20229
2021-07-2614:44:05
www.ibm.com
15
ibm robotic process automation
automation anywhere
postgresql
vulnerability
confidentiality
cvss base score
EPSS
0.001
Percentile
26.9%
Summary
BM Robotic Process Automation with Automation Anywhere is vulnerable to attacks involving PostgreSQL.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Robotic Process Automation with Automation Anywhere | 11.0 |
Remediation/Fixes
CVEID:CVE-2021-20229
**DESCRIPTION:**A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.
CVSS Base score: 6.5
CVSS Temporal Score: See: <https://exchange.xforce.ibmcloud.com/vulnerabilities/197301> for the current score.
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Workarounds and Mitigations
None
Related
prion
prion
Design/Logic Flaw
2021-02-23 18:15:00
redhatcve
redhatcve
CVE-2021-20229
2021-02-11 17:06:33
osv
osv
BIT-postgresql-2021-20229
2024-03-06 11:05:42
CVE-2021-20229
2021-02-23 18:15:13
debiancve
debiancve
CVE-2021-20229
2021-02-23 18:15:13
nvd
nvd
CVE-2021-20229
2021-02-23 18:15:13
alpinelinux
alpinelinux
CVE-2021-20229
2021-02-23 18:15:13
openvas
openvas
PostgreSQL < 9.5.25, 9.6.x < 9.6.21, 10.x < 10.16, 11.x < 11.11, 12.x < 12.6, 13.x < 13.2 Information Disclosure Vulnerability - Windows
2021-02-24 00:00:00
PostgreSQL < 9.5.25, 9.6.x < 9.6.21, 10.x < 10.16, 11.x < 11.11, 12.x < 12.6, 13.x < 13.2 Information Disclosure Vulnerability - Linux
2021-02-24 00:00:00
Mageia: Security Advisory (MGASA-2021-0121)
2022-01-28 00:00:00
cvelist
cvelist
CVE-2021-20229
2021-02-23 17:40:53
postgresql
postgresql
Vulnerability in core server (CVE-2021-20229)
2021-02-23 18:15:00
veracode
veracode
Privilege Escalation
2021-02-12 01:49:26
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2021-20229 affecting package postgresql 12.5-2
2021-06-20 03:47:42
cve
cve
CVE-2021-20229
2021-02-23 18:15:13
ubuntucve
ubuntucve
CVE-2021-20229
2021-02-23 00:00:00
kaspersky
kaspersky
KLA12088 Multiple vulnerabilities in PostgreSQL
2021-02-11 00:00:00
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2021-03-12 04:25:47
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2021-05-26 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : postgresql13 (SUSE-SU-2021:0543-1)
2021-02-23 00:00:00
Puppet Enterprise < 2019.8.6 PostgreSQL Vulnerabilities
2023-11-01 00:00:00
PostgreSQL 11.x < 11.11 / 12.x < 12.6 / 13.x < 13.2 Multiple Vulnerabilities
2021-04-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package postgresql13 version 13.2-alt1
2021-02-11 00:00:00
Security fix for the ALT Linux 10 package postgresql14 version 13.2-alt1
2021-02-11 00:00:00
Security fix for the ALT Linux 10 package postgresql15 version 13.2-alt1
2021-02-11 00:00:00
archlinux
archlinux
[ASA-202102-31] postgresql: information disclosure
2021-02-20 00:00:00
EPSS
0.001
Percentile
26.9%
Related for 3E9D830AEE3C4411B9F60654B977C4BA33EDEF6C87713DC825ED7D0B149CF7B0