First published: Thu Nov 02 2017(Updated: )
INSERT ... ON CONFLICT DO UPDATE commands disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege. Even then, not all columns are subject to disclosure. Vulnerable Versions: 9.5 - 10
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/postgresql-10 | ||
debian/postgresql-9.1 | ||
redhat/postgresql | <9.5.10 | 9.5.10 |
redhat/postgresql | <9.6.6 | 9.6.6 |
redhat/postgresql | <10.1 | 10.1 |
PostgreSQL PostgreSQL | =9.5 | |
PostgreSQL PostgreSQL | =9.5.1 | |
PostgreSQL PostgreSQL | =9.5.2 | |
PostgreSQL PostgreSQL | =9.5.3 | |
PostgreSQL PostgreSQL | =9.5.4 | |
PostgreSQL PostgreSQL | =9.5.5 | |
PostgreSQL PostgreSQL | =9.5.6 | |
PostgreSQL PostgreSQL | =9.5.7 | |
PostgreSQL PostgreSQL | =9.5.8 | |
PostgreSQL PostgreSQL | =9.5.9 | |
PostgreSQL PostgreSQL | =9.6 | |
PostgreSQL PostgreSQL | =9.6.1 | |
PostgreSQL PostgreSQL | =9.6.2 | |
PostgreSQL PostgreSQL | =9.6.3 | |
PostgreSQL PostgreSQL | =9.6.4 | |
PostgreSQL PostgreSQL | =9.6.5 | |
PostgreSQL PostgreSQL | =10.0 | |
Debian Debian Linux | =9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this PostgreSQL vulnerability is CVE-2017-15099.
The severity level of CVE-2017-15099 is medium.
Versions 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 of PostgreSQL are affected by CVE-2017-15099.
CVE-2017-15099 allows an attacker to disclose table contents that they lack privilege to read.
Yes, the affected versions have remedies available, such as upgrading to version 9.5.10, 9.6.6, or 10.1 of PostgreSQL.