5.5
CVSSv2

CVE-2018-10925

Published: 09/08/2018 Updated: 17/08/2020
CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 490
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

Vulnerability Summary

It exists that PostgreSQL versions prior to 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

debian debian linux 9.0

postgresql postgresql

Vendor Advisories

Synopsis Important: rh-postgresql10-postgresql security update Type/Severity Security Advisory: Important Topic An update for rh-postgresql10-postgresql is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...
Synopsis Important: CloudForms 466 security, bug fix and enhancement update Type/Severity Security Advisory: Important Topic An update is now available for CloudForms Management Engine 59Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Two vulnerabilities have been found in the PostgreSQL database system: CVE-2018-10915 Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects CVE-2018-10925 It was discovered that some CREATE TABLE statements could disclose server memory For additional information please refer to the upst ...
Synopsis Important: rh-postgresql95-postgresql security update Type/Severity Security Advisory: Important Topic An update for rh-postgresql95-postgresql is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...
Synopsis Important: rh-postgresql96-postgresql security update Type/Severity Security Advisory: Important Topic An update for rh-postgresql96-postgresql is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with "INSERT ON CONFLICT DO UPDATE" An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they co ...
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to highe ...
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to highe ...
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to highe ...
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to highe ...
The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 105, 9610, 9514, 9419, 9324 This release fixes two security issues as well as bugs reported over the last three months ...
The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 105, 9610, 9514, 9419, 9324 This release fixes two security issues as well as bugs reported over the last three months ...