Severity

High

Vendor

PostgreSQL

Versions Affected

• PostGreSQL versions:
  • All versions prior to 9.2.21
  • 9.3.x versions prior to 9.3.17
  • 9.4.x versions prior to 9.4.12
  • 9.5.x versions prior to 9.5.7
  • 9.6.x versions prior to 9.6.3

Description

It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. (CVE-2017-7484)

It was found that the PGREQUIRESSL was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. (CVE-2017-7485)

PostgreSQL versions 8.4 – 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. (CVE-2017-7486)

Affected Cloud Foundry Products and Versions

Severity is high unless otherwise noted.

• Postgres-release versions prior to v17
• Cf-release versions prior to v260

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

• Upgrade to Cloud Foundry v260[1] or later

References

• https://www.postgresql.org/about/news/1746/
• https://github.com/cloudfoundry/cf-release/releases