SB2022082547 - SUSE update for postgresql10 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022082547

SB2022082547 - SUSE update for postgresql10

Published: August 25, 2022

Security Bulletin ID SB2022082547
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 75% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Missing Encryption of Sensitive Data (CVE-ID: CVE-2021-23214)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to the way PostgreSQL handles encrypted connections. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.


2) Missing Encryption of Sensitive Data (CVE-ID: CVE-2021-23222)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to the way the libpq process in PostgreSQL handles encrypted connections. A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. The attacker can exfiltrate the client's password or other confidential data that might be transmitted early in a session.


3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-1552)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to incorrectly imposed security restrictions in Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck. A remote authenticated user with permission to create non-temp objects can execute arbitrary SQL functions under a superuser identity and escalate privileges within the application.


4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-2625)

The vulnerability allows a remote user to escalate privileges within the database.

The vulnerability exists due to extension scripts can replace objects that do not belong to the extension when using the CREATE OR REPLACE or CREATE IF NOT EXISTS commands. A remote user with (1) permissions to create non-temporary objects in at least one schema, (2) ability to lure or wait for an administrator to create or update an affected extension in that schema, and (3) ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS can run arbitrary code as the victim role.


Remediation

Install update from vendor's website.

References