CVE-2014-8161
Description
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.714
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Postgresql 9.4.0 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.4.1 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.3.6 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.2.10 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.1.15 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.0.19 | Windows |
| Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Combo Update | Mac |
| Multiple Vulnerabilities are affected in Postgresql 9.4.0 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.4.1 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.3.6 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.2.10 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.1.15 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.0.19 (For Linux) | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600354 | OS X Yosemite 10.10.5 Update |
| PATCH-600458 | OS X Yosemite 10.10.5 Combo Update |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234