CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
79.9%
INSERT … ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1,
9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that
the invoker lacks privilege to read. These exploits affect only tables
where the attacker lacks full read access but has both INSERT and UPDATE
privileges. Exploits bypass row level security policies and lack of SELECT
privilege.
Author | Note |
---|---|
sbeattie | RLS and ON CONFLICT DO UPDATE introduced in 9.5 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 16.04 | noarch | postgresql-9.5 | < 9.5.10-0ubuntu0.16.04 | UNKNOWN |
ubuntu | 17.10 | noarch | postgresql-9.6 | < 9.6.6-0ubuntu0.17.10 | UNKNOWN |
ubuntu | 17.04 | noarch | postgresql-9.6 | < 9.6.6-0ubuntu0.17.04 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
79.9%