CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any…

redhat·CWE-522·Published 2017-05-12

CVSS

—

EPSS

0.06

KEV

Exploits

cve.orgen

199 chars

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.

NVDen

199 chars

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.

NVDes

243 chars

Las versiones 8.4 a 9.6 de PostgreSQL son vulnerables a un filtrado de información en la vista pg_user_mappings que revela contraseñas de servidores extranjeros a cualquier usuario que tenga privilegio USAGE en el servidor extranjero asociado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N