{
  "threat_severity" : "Important",
  "public_date" : "2018-08-09T00:00:00Z",
  "bugzilla" : {
    "description" : "postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements",
    "id" : "1612619",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1612619"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.1",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-863",
  "details" : [ "It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes of server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.", "It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes of server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table." ],
  "statement" : "Red Hat Virtualization includes vulnerable versions of postgresql. However, this flaw is not known to be exploitable under any supported configuration of Red Hat Virtualization. A future update may address this issue.\nThis issue affects the versions of the postgresql package as shipped with Red Hat Satellite 5.8. However, this flaw is not known to be exploitable under any supported scenario in Satellite 5.8. A future update may address this issue.",
  "acknowledgement" : "Red Hat would like to thank the PostgreSQL project for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "cfme-0:5.9.6.5-3.el7cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "cfme-amazon-smartstate-0:5.9.6.5-2.el7cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "cfme-appliance-0:5.9.6.5-1.el7cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "cfme-gemset-0:5.9.6.5-2.el7cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "dbus-api-service-0:1.0.1-3.1.el7cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "httpd-configmap-generator-0:0.2.2-1.2.el7cf"
  }, {
    "product_name" : "CloudForms Management Engine 5.9",
    "release_date" : "2018-12-13T00:00:00Z",
    "advisory" : "RHSA-2018:3816",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.9::el7",
    "package" : "postgresql96-0:9.6.10-1PGDG.el7at"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6",
    "release_date" : "2018-08-20T00:00:00Z",
    "advisory" : "RHSA-2018:2511",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6",
    "package" : "rh-postgresql95-postgresql-0:9.5.14-1.el6"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2566",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6",
    "package" : "rh-postgresql96-postgresql-0:9.6.10-1.el6"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS",
    "release_date" : "2018-08-20T00:00:00Z",
    "advisory" : "RHSA-2018:2511",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6",
    "package" : "rh-postgresql95-postgresql-0:9.5.14-1.el6"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2566",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6",
    "package" : "rh-postgresql96-postgresql-0:9.6.10-1.el6"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7",
    "release_date" : "2018-08-20T00:00:00Z",
    "advisory" : "RHSA-2018:2511",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql95-postgresql-0:9.5.14-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2565",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql10-postgresql-0:10.5-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2566",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql96-postgresql-0:9.6.10-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS",
    "release_date" : "2018-08-20T00:00:00Z",
    "advisory" : "RHSA-2018:2511",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql95-postgresql-0:9.5.14-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2565",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql10-postgresql-0:10.5-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2566",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql96-postgresql-0:9.6.10-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS",
    "release_date" : "2018-08-20T00:00:00Z",
    "advisory" : "RHSA-2018:2511",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql95-postgresql-0:9.5.14-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2565",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql10-postgresql-0:10.5-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2566",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql96-postgresql-0:9.6.10-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS",
    "release_date" : "2018-08-20T00:00:00Z",
    "advisory" : "RHSA-2018:2511",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql95-postgresql-0:9.5.14-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2565",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql10-postgresql-0:10.5-1.el7"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2566",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-postgresql96-postgresql-0:9.6.10-1.el7"
  } ],
  "package_state" : [ {
    "product_name" : "CloudForms Management Engine 5",
    "fix_state" : "Affected",
    "package_name" : "postgresql94",
    "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5"
  }, {
    "product_name" : "Red Hat Ansible Tower 3",
    "fix_state" : "Affected",
    "package_name" : "postgresql96",
    "cpe" : "cpe:/a:redhat:ansible_tower:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "postgresql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "postgresql84",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "postgresql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "postgresql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "libpq",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "postgresql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Mobile Application Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "millicore",
    "cpe" : "cpe:/a:redhat:mobile_application_platform:4"
  }, {
    "product_name" : "Red Hat Satellite 5",
    "fix_state" : "Will not fix",
    "package_name" : "rh-postgresql95-postgresql",
    "cpe" : "cpe:/a:redhat:network_satellite:5",
    "impact" : "moderate"
  }, {
    "product_name" : "Red Hat Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "postgresql",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4"
  }, {
    "product_name" : "Red Hat Virtualization 4",
    "fix_state" : "Affected",
    "package_name" : "rhvm-appliance",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4",
    "impact" : "moderate"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-10925\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-10925\nhttps://www.postgresql.org/about/news/1878/" ],
  "name" : "CVE-2018-10925",
  "csaw" : false
}