CVE-2017-7546

Description

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an incorrect authentication flaw that allows remote attackers to gain access to database accounts with an empty password.

Risk Information

Base Score: 9.8 MODERATE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 31.12

Associated Vulnerability

Vulnerability | OS Platform
Update PostgreSQL to 9.2.22 | Windows
Update PostgreSQL to 9.3.18 | Windows
Update PostgreSQL to 9.4.13 | Windows
Vulnerabilities CVE-2017-7548,CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.6.4 | Windows
Vulnerabilities CVE-2017-7548,CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.5.8 | Windows
Vulnerabilities CVE-2017-7548,CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.4.13 | Windows
Vulnerabilities CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.3.18 | Windows
Vulnerabilities CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.2.22 | Windows
object-relational SQL database (USN-3390-1) postgresql-9.3_9.3.18-0ubuntu0.14.04.1_i386.deb | Linux
object-relational SQL database (USN-3390-1) postgresql-9.3_9.3.18-0ubuntu0.14.04.1_amd64.deb | Linux
object-relational SQL database (USN-3390-1) postgresql-9.5_9.5.8-0ubuntu0.16.04.1_i386.deb | Linux
object-relational SQL database (USN-3390-1) postgresql-9.5_9.5.8-0ubuntu0.16.04.1_amd64.deb | Linux
object-relational SQL database (USN-3390-1) postgresql-9.6_9.6.4-0ubuntu0.17.04.1_i386.deb | Linux
object-relational SQL database (USN-3390-1) postgresql-9.6_9.6.4-0ubuntu0.17.04.1_amd64.deb | Linux
Postgresql security update (CESA-2017:2860) postgresql-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-docs-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-docs-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-libs-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-libs-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-test-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-test-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-devel-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-devel-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-pltcl-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-pltcl-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-plperl-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-plperl-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-server-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-server-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-contrib-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-contrib-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-plpython-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql security update (CESA-2017:2860) postgresql-plpython-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-contrib-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-contrib-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-devel-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-devel-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-docs-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-docs-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-libs-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-libs-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-plperl-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-plperl-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-plpython-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-plpython-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-pltcl-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-pltcl-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-server-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-server-8.4.20-8.el6_9.x86_64.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-test-8.4.20-8.el6_9.i686.rpm | Linux
(RHSA-2017:2860) Moderate: postgresql security update postgresql-test-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql update (ELSA-2017-2860) postgresql-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-contrib update (ELSA-2017-2860) postgresql-contrib-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-devel update (ELSA-2017-2860) postgresql-devel-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-docs update (ELSA-2017-2860) postgresql-docs-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-libs update (ELSA-2017-2860) postgresql-libs-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-plperl update (ELSA-2017-2860) postgresql-plperl-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-plpython update (ELSA-2017-2860) postgresql-plpython-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-pltcl update (ELSA-2017-2860) postgresql-pltcl-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-server update (ELSA-2017-2860) postgresql-server-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql-test update (ELSA-2017-2860) postgresql-test-8.4.20-8.el6_9.x86_64.rpm | Linux
Postgresql update (ELSA-2017-2860) postgresql-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-contrib update (ELSA-2017-2860) postgresql-contrib-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-devel update (ELSA-2017-2860) postgresql-devel-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-docs update (ELSA-2017-2860) postgresql-docs-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-libs update (ELSA-2017-2860) postgresql-libs-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-plperl update (ELSA-2017-2860) postgresql-plperl-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-plpython update (ELSA-2017-2860) postgresql-plpython-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-pltcl update (ELSA-2017-2860) postgresql-pltcl-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-server update (ELSA-2017-2860) postgresql-server-8.4.20-8.el6_9.i686.rpm | Linux
Postgresql-test update (ELSA-2017-2860) postgresql-test-8.4.20-8.el6_9.i686.rpm | Linux
Update PostgreSQL to 9.2.22 (For Linux) | Linux
Update PostgreSQL to 9.3.18 (For Linux) | Linux
Update PostgreSQL to 9.4.13 (For Linux) | Linux
Vulnerabilities CVE-2017-7548,CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.6.4 (For Linux) | Linux
Vulnerabilities CVE-2017-7548,CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.5.8 (For Linux) | Linux
Vulnerabilities CVE-2017-7548,CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.4.13 (For Linux) | Linux
Vulnerabilities CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.3.18 (For Linux) | Linux
Vulnerabilities CVE-2017-7547,CVE-2017-7546 are fixed in PostgreSQL 9.2.22 (For Linux) | Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234