CVE-2020-25695
postgresql: Multiple features escape "security restricted operation" sandbox
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Se encontró un fallo en PostgreSQL versiones anteriores a 13.1, anteriores a 12.5, anteriores a 11.10, anteriores a 10.15, anteriores a 9.6.20 y anteriores a 9.5.24. Un atacante que tenga permiso para crear objetos no temporales en al menos un esquema puede ejecutar funciones SQL arbitrarias bajo la identidad de un superusuario. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos, asà como la disponibilidad del sistema
A flaw was found in postgresql. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-09-16 CVE Reserved
- 2020-11-16 CVE Published
- 2023-12-03 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20201202-0003 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1894425 | 2021-05-06 | |
| https://security.gentoo.org/glsa/202012-07 | 2022-10-19 | |
| https://www.postgresql.org/support/security | 2022-10-19 | |
| https://access.redhat.com/security/cve/CVE-2020-25695 | 2021-05-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | < 9.5.24 Search vendor "Postgresql" for product "Postgresql" and version " < 9.5.24" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | >= 9.6.0 < 9.6.20 Search vendor "Postgresql" for product "Postgresql" and version " >= 9.6.0 < 9.6.20" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | >= 10.0 < 10.15 Search vendor "Postgresql" for product "Postgresql" and version " >= 10.0 < 10.15" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | >= 11.0 < 11.10 Search vendor "Postgresql" for product "Postgresql" and version " >= 11.0 < 11.10" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | >= 12.0 < 12.5 Search vendor "Postgresql" for product "Postgresql" and version " >= 12.0 < 12.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | >= 13.0 < 13.1 Search vendor "Postgresql" for product "Postgresql" and version " >= 13.0 < 13.1" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||