Lucene search

K
redosRedosROS-20220530-02
HistoryMay 30, 2022 - 12:00 a.m.

ROS-20220530-02

2022-05-3000:00:00
redos.red-soft.ru
12
postgresql
vulnerabilities
remote attackers
arbitrary sql functions
maintenance error

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

69.6%

Vulnerabilities in the Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck components of the PostgreSQL database management system are related to a maintenance error in one component.
pg_amcheck components of PostgreSQL database management system are related to errors when one user services objects of another.
objects by one user to another. Exploitation of the vulnerability could allow an attacker acting
remotely, execute arbitrary SQL functions under a superuser account

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64postgresql<= 12.9-2UNKNOWN

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

69.6%