CVE-2013-1900
Description
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the contrib/pgcrypto functions.
Risk Information
Base Score
10.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.566
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update PostgressSQL to 9.0.13 | Windows |
| Update PostgressSQL to 9.1.9 | Windows |
| Vulnerabilities CVE-2013-1901,CVE-2013-1900,CVE-2013-1899 are fixed in PostgreSQL 9.2.4 | Windows |
| Vulnerabilities CVE-2013-1901,CVE-2013-1900,CVE-2013-1899 are fixed in PostgreSQL 9.1.9 | Windows |
| Vulnerabilities CVE-2013-1900,CVE-2013-1899 are fixed in PostgreSQL 9.0.13 | Windows |
| Vulnerabilities CVE-2013-1900 are fixed in PostgreSQL 8.4.17 | Windows |
| Multiple vulnerabilities are fixed in OS X Mountain Lion Update v10.8.5 (Combo) | Mac |
| Multiple vulnerabilities are fixed in OS X Mountain Lion Update v10.8.5 | Mac |
| Update PostgressSQL to 9.0.13 (For Linux) | Linux |
| Update PostgressSQL to 9.1.9 (For Linux) | Linux |
| Vulnerabilities CVE-2013-1901,CVE-2013-1900,CVE-2013-1899 are fixed in PostgreSQL 9.2.4 (For Linux) | Linux |
| Vulnerabilities CVE-2013-1901,CVE-2013-1900,CVE-2013-1899 are fixed in PostgreSQL 9.1.9 (For Linux) | Linux |
| Vulnerabilities CVE-2013-1900,CVE-2013-1899 are fixed in PostgreSQL 9.0.13 (For Linux) | Linux |
| Vulnerabilities CVE-2013-1900 are fixed in PostgreSQL 8.4.17 (For Linux) | Linux |
| Postgresql-server update (ELSA-2024-10882) postgresql-server-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-pltcl update (ELSA-2024-10882) postgresql-pltcl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plpython update (ELSA-2024-10882) postgresql-plpython-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plperl update (ELSA-2024-10882) postgresql-plperl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-docs update (ELSA-2024-10882) postgresql-docs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-contrib update (ELSA-2024-10882) postgresql-contrib-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-test update (ELSA-2024-10882) postgresql-test-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600057 | OS X Mountain Lion Update v10.8.5 (Combo) |
| PATCH-600058 | OS X Mountain Lion Update v10.8.5 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234