JVNDB-2023-000023

Vulnerability from jvndb - Published: 2023-03-06 15:22 - Updated:2024-06-10 16:41
Severity ?
5.4 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
Details
pg_ivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pg_ivm contains multiple vulnerabilities listed below.
  • Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2023-22847 An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to.
  • Uncontrolled search path element (CWE-427) - CVE-2023-23554 When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner's privilege.
IVM Development Group reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and IVM Development Group coordinated under the Information Security Early Warning Partnership.
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000023.html",
  "dc:date": "2024-06-10T16:41+09:00",
  "dcterms:issued": "2023-03-06T15:22+09:00",
  "dcterms:modified": "2024-06-10T16:41+09:00",
  "description": "pg_ivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pg_ivm contains multiple vulnerabilities listed below.\r\n\u003cul\u003e\u003cli\u003eExposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2023-22847\r\nAn Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to.\u003c/ul\u003e\r\n\u003cul\u003e\u003cli\u003eUncontrolled search path element (CWE-427) - CVE-2023-23554\r\nWhen refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner\u0027s privilege.\u003c/ul\u003e\r\n\r\nIVM Development Group reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and IVM Development Group coordinated under the Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000023.html",
  "sec:cpe": {
    "#text": "cpe:/a:sraoss:pg_ivm",
    "@product": "pg_ivm",
    "@vendor": "IVM Development Group",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "5.5",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "5.4",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2023-000023",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN19872280/index.html",
      "@id": "JVN#19872280",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-22847",
      "@id": "CVE-2023-22847",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-23554",
      "@id": "CVE-2023-23554",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22847",
      "@id": "CVE-2023-22847",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-23554",
      "@id": "CVE-2023-23554",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-200",
      "@title": "Information Exposure(CWE-200)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Multiple vulnerabilities in PostgreSQL extension module pg_ivm"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.