#VU7873 Authentication bypass in PostgreSQL - CVE-2017-7546


Vulnerability identifier: #VU7873

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-7546

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PostgreSQL
Server applications / Database software

Vendor: PostgreSQL Global Development Group

Description
The vulnerability allows a remote attacker to bypass authentication on the target system.

The weakness exists in the systems using libpq or a libpq-based connection driver to perform password-based authentication methods due to insufficient security restrictions. A remote attacker can submit an empty password to disable password login and log in to the system.

Successful exploitation of the vulnerability may result in unauthorized access to the system and further attacks.

Mitigation
The vulnerability is addressed in the following versions: 9.2.22, 9.3.18, 9.4.13, 9.5.8, 9.6.4.

Vulnerable software versions

PostgreSQL: 9.2.1 - 9.2.21, 9.3.1 - 9.3.17, 9.4.0 - 9.4.12, 9.5.0 - 9.5.7, 9.6.0 - 9.6.3

External links
https://www.postgresql.org/about/news/1772/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


openSUSE update for postgresql95
Gentoo update for PostgreSQL
Red Hat update for postgresql
Red Hat update for postgresql
Red Hat update for postgresql
OpenSUSE Linux update for postgresql94
OpenSUSE Linux update for postgresql96
Arch Linux update for postgresql
SUSE Linux update for postgresql96
SUSE Linux update for postgresql94