FKIE_CVE-2017-7484

Vulnerability from fkie_nvd - Published: 2017-05-12 19:29 - Updated: 2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
References
secalert@redhat.comhttp://www.debian.org/security/2017/dsa-3851
secalert@redhat.comhttp://www.securityfocus.com/bid/98459Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.securitytracker.com/id/1038476
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1677
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1678
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1838
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:1983
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:2425
secalert@redhat.comhttps://security.gentoo.org/glsa/201710-06
secalert@redhat.comhttps://www.postgresql.org/about/news/1746/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2017/dsa-3851
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/98459Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038476
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1677
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1678
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1838
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1983
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2425
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201710-06
af854a3a-2127-422b-91ae-364da2661108https://www.postgresql.org/about/news/1746/Vendor Advisory
Impacted products
Vendor Product Version
postgresql postgresql *
postgresql postgresql 9.3
postgresql postgresql 9.3.1
postgresql postgresql 9.3.2
postgresql postgresql 9.3.3
postgresql postgresql 9.3.4
postgresql postgresql 9.3.5
postgresql postgresql 9.3.6
postgresql postgresql 9.3.7
postgresql postgresql 9.3.8
postgresql postgresql 9.3.9
postgresql postgresql 9.3.10
postgresql postgresql 9.3.11
postgresql postgresql 9.3.12
postgresql postgresql 9.3.13
postgresql postgresql 9.3.14
postgresql postgresql 9.3.15
postgresql postgresql 9.3.16
postgresql postgresql 9.4
postgresql postgresql 9.4.1
postgresql postgresql 9.4.2
postgresql postgresql 9.4.3
postgresql postgresql 9.4.4
postgresql postgresql 9.4.5
postgresql postgresql 9.4.6
postgresql postgresql 9.4.7
postgresql postgresql 9.4.8
postgresql postgresql 9.4.9
postgresql postgresql 9.4.10
postgresql postgresql 9.4.11
postgresql postgresql 9.5
postgresql postgresql 9.5.1
postgresql postgresql 9.5.2
postgresql postgresql 9.5.3
postgresql postgresql 9.5.4
postgresql postgresql 9.5.5
postgresql postgresql 9.5.6
postgresql postgresql 9.6
postgresql postgresql 9.6.1
postgresql postgresql 9.6.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D48E22-78D1-461D-ABE1-C8F578A17CB7",
              "versionEndIncluding": "9.2.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B890251-95EB-44F3-A6A7-F718F3C807B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E5BD02-8C3D-4687-88DE-1C00366270E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "709F5DF9-9F3A-42C3-890B-521B13118C0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D85A34-C897-4E52-8F97-18CA51C5461A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40DAD2B-A6D4-43D8-B282-A3C672356D6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2FE391-9414-480E-A9B1-CF70280E315E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B6A4ED-FA3B-4251-BF82-755F95277CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7142DF3-124D-43D7-ADD9-70F4F7298557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DEA438-A0ED-49DC-AE51-4E9D8D4B6E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "810B184F-6FB8-48D8-A569-F47BA43C4862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "064BF155-7E2D-47B9-BD2B-C6E9FC06F5FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "676A81BD-7EEE-4770-B9AC-451B09844D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F23D38-BDD6-48E6-A6B2-29CD962EED99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "89833234-3890-4E2E-8FCF-09925D83ED67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8F3ACC3-CB15-47E3-A511-E1D1F75E797F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6FD785-7C9F-4302-B7ED-93CA04473ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1BA72C-3A6E-450B-A3DE-3898DEAA9225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D1323D-3096-4D0F-823A-ECAC9017646D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A587AF3-5E70-4455-8621-DFD048207DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "526AFF26-B3EC-41C3-AC4C-85BFA3F99AC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "89D2CAB7-C3D9-4F21-B902-2E498D00EFEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "88797795-8B1C-455F-8C52-6169B2E47D53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBDE0CC8-F1DF-4723-8FCB-9A33EA8B12D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "90F13667-019B-49DF-929C-3D376FCDE6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9E20AA3-C0D3-492C-AF3B-9F61550E6983",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "251C78CA-EEC0-49A8-A3D2-3C86D16CCB7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB443A75-2466-4164-A71B-9203933CB0D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B02839D4-EE7D-4D42-8934-322E46B643D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1BAE807-A21F-4980-B64E-911F5E9B16BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF7FC5B-C9E3-4109-B3D6-9AC06F75DCB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C15A86-9ED9-492E-877B-86963DAA761A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF74623-EF0E-455D-ADEB-9E336B539D86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FACD7AB7-34E9-4DFC-A788-7B9BF745D780",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E8AEBB-9968-458D-8EE4-2725BBE1A53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECC17E6-C5FF-4B63-807A-26E5E6932C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DB72357-B16D-488A-995C-2703CCEC1D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7040466B-2A7D-4E75-8E4F-FA70D4A7E014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "44887DE9-506B-46E3-922C-7B3C14B0AF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1250F15-7A05-452A-8958-3B1B32B326E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto que algunas funciones de estimaci\u00f3n de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer informaci\u00f3n de pg_statistic, lo que probablemente implique un filtrado de informaci\u00f3n. Un atacante sin privilegios podr\u00eda utilizar este fallo para robar informaci\u00f3n de tablas a las que, de otra forma, no tendr\u00eda acceso."
    }
  ],
  "id": "CVE-2017-7484",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-12T19:29:00.193",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2017/dsa-3851"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98459"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1038476"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1677"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1678"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:1983"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2017:2425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/201710-06"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.postgresql.org/about/news/1746/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201710-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.postgresql.org/about/news/1746/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-285"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.