PostgreSQL CVE-2018-10915 Security Bypass Vulnerability
BID:105054
CVE-2018-10915 |Info
PostgreSQL CVE-2018-10915 Security Bypass Vulnerability
| Bugtraq ID: | 105054 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-10915 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 09 2018 12:00AM |
| Updated: | Aug 09 2018 12:00AM |
| Credit: | Andrew Krasichkov |
| Vulnerable: |
Redhat Virtualization 4 Redhat Software Collections for RHEL 0 Redhat Enterprise Linux 7 PostgreSQL PostgreSQL 9.6.9 PostgreSQL PostgreSQL 9.6.8 PostgreSQL PostgreSQL 9.6.7 PostgreSQL PostgreSQL 9.6.4 PostgreSQL PostgreSQL 9.6 PostgreSQL PostgreSQL 9.5.12 PostgreSQL PostgreSQL 9.5.11 PostgreSQL PostgreSQL 9.5.10 PostgreSQL PostgreSQL 9.5.9 PostgreSQL PostgreSQL 9.5.8 PostgreSQL PostgreSQL 9.5.7 PostgreSQL PostgreSQL 9.5.6 PostgreSQL PostgreSQL 9.5.4 PostgreSQL PostgreSQL 9.5.1 PostgreSQL PostgreSQL 9.5 PostgreSQL PostgreSQL 9.4.17 PostgreSQL PostgreSQL 9.4.16 PostgreSQL PostgreSQL 9.4.15 PostgreSQL PostgreSQL 9.4.14 PostgreSQL PostgreSQL 9.4.13 PostgreSQL PostgreSQL 9.4.12 PostgreSQL PostgreSQL 9.4.11 PostgreSQL PostgreSQL 9.4.9 PostgreSQL PostgreSQL 9.4.6 PostgreSQL PostgreSQL 9.4.5 PostgreSQL PostgreSQL 9.4.4 PostgreSQL PostgreSQL 9.4.3 PostgreSQL PostgreSQL 9.4.2 PostgreSQL PostgreSQL 9.4.1 PostgreSQL PostgreSQL 9.4 PostgreSQL PostgreSQL 9.3.22 PostgreSQL PostgreSQL 9.3.21 PostgreSQL PostgreSQL 9.3.20 PostgreSQL PostgreSQL 9.3.19 PostgreSQL PostgreSQL 9.3.18 PostgreSQL PostgreSQL 9.3.17 PostgreSQL PostgreSQL 9.3.16 PostgreSQL PostgreSQL 9.3.14 PostgreSQL PostgreSQL 9.3.11 PostgreSQL PostgreSQL 9.3.10 PostgreSQL PostgreSQL 9.3.9 PostgreSQL PostgreSQL 9.3.8 PostgreSQL PostgreSQL 9.3.7 PostgreSQL PostgreSQL 9.3.6 PostgreSQL PostgreSQL 9.3.5 PostgreSQL PostgreSQL 9.3.4 PostgreSQL PostgreSQL 9.3.3 PostgreSQL PostgreSQL 9.3.2 PostgreSQL PostgreSQL 9.3 PostgreSQL PostgreSQL 9.6.6 PostgreSQL PostgreSQL 9.6.3 PostgreSQL PostgreSQL 9.6.2 PostgreSQL PostgreSQL 9.6.1 PostgreSQL PostgreSQL 9.5.2 PostgreSQL PostgreSQL 9.4.1-1 PostgreSQL PostgreSQL 9.3.1 PostgreSQL PostgreSQL 10.4 PostgreSQL PostgreSQL 10.3 PostgreSQL PostgreSQL 10.2 PostgreSQL PostgreSQL 10.1 PostgreSQL PostgreSQL 10.0 |
| Not Vulnerable: |
PostgreSQL PostgreSQL 9.6.10 PostgreSQL PostgreSQL 9.5.14 PostgreSQL PostgreSQL 9.4.19 PostgreSQL PostgreSQL 9.3.24 PostgreSQL PostgreSQL 10.5 |
Discussion
PostgreSQL CVE-2018-10915 Security Bypass Vulnerability
PostgreSQL is prone to a security-bypass vulnerability.
Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Versions prior to PostgreSQL 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are vulnerable.
PostgreSQL is prone to a security-bypass vulnerability.
Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Versions prior to PostgreSQL 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are vulnerable.
Solution / Fix
PostgreSQL CVE-2018-10915 Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.