CVE-2019-10127

EUVD-2019-2169
A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbitrary data directory files, essentially bypassing database-imposed read access limitations. An attacker having only the unprivileged Windows account can also delete certain data directory files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
postgresqlpostgresql
𝑥
< 9.4.22
postgresqlpostgresql
9.5.0 ≤
𝑥
< 9.5.17
postgresqlpostgresql
9.6.0 ≤
𝑥
< 9.6.13
postgresqlpostgresql
10.0 ≤
𝑥
< 10.8
postgresqlpostgresql
11.0 ≤
𝑥
< 11.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
postgresql-10
bionic
not-affected
cosmic
not-affected
disco
dne
trusty
dne
xenial
dne
postgresql-11
bionic
dne
cosmic
dne
disco
not-affected
trusty
dne
xenial
dne
postgresql-9.1
bionic
dne
cosmic
dne
disco
dne
trusty
dne
xenial
dne
postgresql-9.3
bionic
dne
cosmic
dne
disco
dne
trusty
not-affected
xenial
dne
postgresql-9.5
bionic
dne
cosmic
dne
disco
dne
trusty
dne
xenial
not-affected
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=1707098
https://security.netapp.com/advisory/ntap-20210430-0004/
https://www.postgresql.org/about/news/1939/
https://bugzilla.redhat.com/show_bug.cgi?id=1707098
https://security.netapp.com/advisory/ntap-20210430-0004/
https://www.postgresql.org/about/news/1939/