6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.927 High
EPSS
Percentile
99.0%
03/31/2014
High
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service, unauthorized tables access, bypass group politics restrictions and gain privileges. Below is a complete list of vulnerabilities
PostgreSQL 9.3 versions 9.3.2 and earlier
PostgreSQL 9.2 versions 9.2.6 and earlier
PostgreSQL 9.1 versions 9.1.11 and earlier
PostgreSQL 9.0 versions 9.0.15 and earlier
PostgreSQL versions 8.4.19 and earlier
Update to latest version
PostgreSQL
DoS
CVE-2014-00624.9Warning
CVE-2014-00636.5High
CVE-2014-00604.0Warning
CVE-2014-00616.5High
CVE-2014-00664.0Warning
CVE-2014-00646.5High
CVE-2014-00656.5High
www.postgresql.org/about/news/1506/
www.postgresql.org/download/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/PostgreSQL/