It was found that PostgreSQL versions before 12.4 before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058 in order to execute arbitrary SQL command in the context of the user used for replication.

🗓️ 27 Aug 2020 07:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 1 Views

PostgreSQL older than 12.4, 11.9, or 10.14 allows replication user to run SQL via search_path flaw.

Reporter	Title	Published	Views	Family All 248
ALT Linux	Security fix for the ALT Linux 9 package postgresql12 version 10.3-alt1	2 Mar 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package postgresql11 version 11.9-alt0.M80P.1	20 Aug 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package postgresql15 version 12.4-alt1	12 Aug 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package postgresql11 version 10.3-alt1	2 Mar 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package postgresql12-1C version 11.9-alt1	12 Aug 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package postgresql10 version 10.14-alt0.M80P.1	20 Aug 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package postgresql10 version 10.3-alt0.M80P.1	2 Mar 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package postgresql12 version 12.4-alt1	12 Aug 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package postgresql10 version 10.3-alt0.M70P.1	4 Mar 201800:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package postgresql9.3 version 9.3.22-alt0.M70P.1	4 Mar 201800:00	–	altlinux

Vulners

Node

microsoft cm1_postgresql_12.7-1Range<12.7-1

27 Aug 2020 07:00Current

7High risk

Vulners AI Score7

CVSS 26.5

CVSS 3.17.1 - 8.8

EPSS0.81248

PostgreSQL versions older search_path flaw replication user logical replication SQL execution