Lucene search

[email protected]NVD:CVE-2013-1900

HistoryApr 04, 2013 - 5:55 p.m.

CVE-2013-1900

2013-04-0417:55:00

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.008

Percentile

82.1%

JSON

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the “contrib/pgcrypto functions.”

Affected configurations

Nvd

Node

postgresqlpostgresqlMatch9.2

postgresqlpostgresqlMatch9.2.1

postgresqlpostgresqlMatch9.2.2

postgresqlpostgresqlMatch9.2.3

Node

postgresqlpostgresqlMatch9.1

postgresqlpostgresqlMatch9.1.1

postgresqlpostgresqlMatch9.1.2

postgresqlpostgresqlMatch9.1.3

postgresqlpostgresqlMatch9.1.4

postgresqlpostgresqlMatch9.1.5

postgresqlpostgresqlMatch9.1.6

postgresqlpostgresqlMatch9.1.7

postgresqlpostgresqlMatch9.1.8

Node

postgresqlpostgresqlMatch9.0

postgresqlpostgresqlMatch9.0.1

postgresqlpostgresqlMatch9.0.2

postgresqlpostgresqlMatch9.0.3

postgresqlpostgresqlMatch9.0.4

postgresqlpostgresqlMatch9.0.5

postgresqlpostgresqlMatch9.0.6

postgresqlpostgresqlMatch9.0.7

postgresqlpostgresqlMatch9.0.8

postgresqlpostgresqlMatch9.0.9

postgresqlpostgresqlMatch9.0.10

postgresqlpostgresqlMatch9.0.11

postgresqlpostgresqlMatch9.0.12

Node

postgresqlpostgresqlMatch8.4

postgresqlpostgresqlMatch8.4.1

postgresqlpostgresqlMatch8.4.2

postgresqlpostgresqlMatch8.4.3

postgresqlpostgresqlMatch8.4.4

postgresqlpostgresqlMatch8.4.5

postgresqlpostgresqlMatch8.4.6

postgresqlpostgresqlMatch8.4.7

postgresqlpostgresqlMatch8.4.8

postgresqlpostgresqlMatch8.4.9

postgresqlpostgresqlMatch8.4.10

postgresqlpostgresqlMatch8.4.11

postgresqlpostgresqlMatch8.4.12

postgresqlpostgresqlMatch8.4.13

postgresqlpostgresqlMatch8.4.14

postgresqlpostgresqlMatch8.4.15

postgresqlpostgresqlMatch8.4.16

Node

canonicalubuntu_linuxMatch8.04-lts

canonicalubuntu_linuxMatch10.04-lts

canonicalubuntu_linuxMatch11.10

canonicalubuntu_linuxMatch12.04-lts

canonicalubuntu_linuxMatch12.10

VendorProductVersionCPE
postgresqlpostgresql9.2cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*
postgresqlpostgresql9.2.1cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*
postgresqlpostgresql9.2.2cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*
postgresqlpostgresql9.2.3cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*
postgresqlpostgresql9.1cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*
postgresqlpostgresql9.1.1cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*
postgresqlpostgresql9.1.2cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*
postgresqlpostgresql9.1.3cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*
postgresqlpostgresql9.1.4cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*
postgresqlpostgresql9.1.5cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
postgresql	postgresql	9.2	cpe:2.3:a:postgresql:postgresql:9.2:::::::*
postgresql	postgresql	9.2.1	cpe:2.3:a:postgresql:postgresql:9.2.1:::::::*
postgresql	postgresql	9.2.2	cpe:2.3:a:postgresql:postgresql:9.2.2:::::::*
postgresql	postgresql	9.2.3	cpe:2.3:a:postgresql:postgresql:9.2.3:::::::*
postgresql	postgresql	9.1	cpe:2.3:a:postgresql:postgresql:9.1:::::::*
postgresql	postgresql	9.1.1	cpe:2.3:a:postgresql:postgresql:9.1.1:::::::*
postgresql	postgresql	9.1.2	cpe:2.3:a:postgresql:postgresql:9.1.2:::::::*
postgresql	postgresql	9.1.3	cpe:2.3:a:postgresql:postgresql:9.1.3:::::::*
postgresql	postgresql	9.1.4	cpe:2.3:a:postgresql:postgresql:9.1.4:::::::*
postgresql	postgresql	9.1.5	cpe:2.3:a:postgresql:postgresql:9.1.5:::::::*