INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2017-15099 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue affects the versions of rh-postgresql95-postgresql, and rh-postgresql96-postgresql as shipped with Red Hat Software Collections 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
CVSS3 Base Score | 3.1 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Attack Vector | Network |
Attack Complexity | High |
Privileges Required | Low |
User Interaction | None |
Scope | Unchanged |
Confidentiality | Low |
Integrity Impact | None |
Availability Impact | None |
Platform | Errata | Release Date |
---|---|---|
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-postgresql96-postgresql) | RHSA-2018:2566 | 2018-08-27 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-postgresql95-postgresql) | RHSA-2018:2511 | 2018-08-20 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-postgresql96-postgresql) | RHSA-2018:2566 | 2018-08-27 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-postgresql95-postgresql) | RHSA-2018:2511 | 2018-08-20 |
Platform | Package | State |
---|---|---|
Red Hat Software Collections for Red Hat Enterprise Linux | rh-postgresql94-postgresql | Not affected |
Red Hat Satellite 5 | postgresql92-postgresql | Not affected |
Red Hat Enterprise Linux 7 | postgresql | Not affected |
Red Hat Enterprise Linux 6 | postgresql | Not affected |
Red Hat Enterprise Linux 5 | postgresql84 | Not affected |
Red Hat Enterprise Linux 5 | postgresql | Not affected |