#VU50656 Security restrictions bypass in PostgreSQL - CVE-2021-20229

Cybersecurity Help s.r.o.

Published: 2021-02-11

Vulnerability identifier: #VU50656

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-20229

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PostgreSQL
Server applications / Database software

Vendor: PostgreSQL Global Development Group

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to application does not properly impose security restrictions. A user having a SELECT privilege on an individual column can craft a special query that returns all columns of the table. Additionally, a stored view that uses column-level privileges will have incomplete column-usage bitmaps. In installations that depend on column-level permissions for security, it is recommended to execute CREATE OR REPLACE on all user-defined views to force them to be re-parsed.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

PostgreSQL: 13.0 - 13.1

External links
https://www.postgresql.org/about/news/postgresql-132-126-1111-1016-9621-and-9525-released-2165/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell Security Management

Gentoo update for PostgreSQL

openEuler update for postgresql

Security restrictions bypass in postgresql (Alpine package)

Arch Linux update for postgresql

Multiple vulnerabilities in PostgreSQL