EUVD-2024-44157

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

EnterpriseDB Postgres Advanced Server allows role permission bypass in specific versions, risking file access.

Reporter	Title	Published	Views	Family All 5
CNNVD	EnterpriseDB Postgres Advanced Server 安全漏洞	14 May 202400:00	–	cnnvd
CVE	CVE-2024-4545	9 May 202418:12	–	cve
Cvelist	CVE-2024-4545 EDB Postgres Advanced Server (EPAS) authenticated file read permissions bypass using edbldr	9 May 202418:12	–	cvelist
NVD	CVE-2024-4545	14 May 202415:44	–	nvd
Vulnrichment	CVE-2024-4545 EDB Postgres Advanced Server (EPAS) authenticated file read permissions bypass using edbldr	9 May 202418:12	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "d5f46d45-abf6-3e4c-9c4a-7cfbdfd2751b",
        "vendor": {
          "name": "EnterpriseDB"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "052c8748-1a7e-3415-b740-de39190a221e",
        "product": {
          "name": "EDB Postgres Advanced Server"
        },
        "product_version": "15.0 <15.7.0"
      },
      {
        "id": "93ff8b16-8555-3755-97f5-cf5462ab0f38",
        "product": {
          "name": "EDB Postgres Advanced Server"
        },
        "product_version": "16.0 <16.3.0"
      }
    ]
  }
]

Source	Link
enterprisedb	www.enterprisedb.com/docs/epas/15/epas_rel_notes/
enterprisedb	www.enterprisedb.com/docs/epas/latest/epas_rel_notes/
enterprisedb	www.enterprisedb.com/docs/security/advisories/cve20244545/

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.7

EPSS0.00078

SSVC