#VU14591 Man-in-the-middle attack in PostgreSQL Java Database Connectivity - CVE-2018-10936

Cybersecurity Help s.r.o.

Published: 2018-08-31 | Updated: 2018-09-03

Vulnerability identifier: #VU14591

Vulnerability risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10936

CWE-ID: CWE-300

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PostgreSQL Java Database Connectivity
Hardware solutions / Drivers

Vendor: PostgreSQL Global Development Group

Description

The vulnerability allows a remote attacker to conduct man-in-the-middle attacks on the target system.

The vulnerability exists in the PostgreSQL Java Database Connectivity (JDBC) driver due to insufficient validation of hostnames by the affected software. A remote unauthenticated attacker can masquerade as a trusted server on the network, conduct a man-in-the-middle attack and conduct further attacks.

Mitigation
Update to version 42.2.5.

Vulnerable software versions

PostgreSQL Java Database Connectivity: 42.0.0 - 42.2.4

External links
https://www.postgresql.org/about/news/1883/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM watsonx.data

Fedora 28 update for postgresql-jdbc

Fedora 29 update for postgresql-jdbc

Man-in-the-middle attack in PostgreSQL Java Database Connectivity