// For flags

CVE-2021-23214

postgresql: server processes unencrypted bytes from man-in-the-middle

Severity Score

8.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.

Cuando el servidor está configurado para usar la autenticación confiable con un requisito de clientcert o para usar la autenticación de cert, un atacante de tipo man-in-the-middle puede inyectar consultas SQL arbitrarias cuando es establecida una conexión por primera vez, a pesar del uso de la verificación y el cifrado del certificado SSL

It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-11-03 CVE Reserved
  • 2021-11-12 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-11-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Postgresql
Search vendor "Postgresql"
Postgresql
Search vendor "Postgresql" for product "Postgresql"
< 9.6.24
Search vendor "Postgresql" for product "Postgresql" and version " < 9.6.24"
-
Affected
Postgresql
Search vendor "Postgresql"
Postgresql
Search vendor "Postgresql" for product "Postgresql"
>= 10.0 < 10.19
Search vendor "Postgresql" for product "Postgresql" and version " >= 10.0 < 10.19"
-
Affected
Postgresql
Search vendor "Postgresql"
Postgresql
Search vendor "Postgresql" for product "Postgresql"
>= 11.0 < 11.14
Search vendor "Postgresql" for product "Postgresql" and version " >= 11.0 < 11.14"
-
Affected
Postgresql
Search vendor "Postgresql"
Postgresql
Search vendor "Postgresql" for product "Postgresql"
>= 12.0 < 12.9
Search vendor "Postgresql" for product "Postgresql" and version " >= 12.0 < 12.9"
-
Affected
Postgresql
Search vendor "Postgresql"
Postgresql
Search vendor "Postgresql" for product "Postgresql"
>= 13.0 < 13.5
Search vendor "Postgresql" for product "Postgresql" and version " >= 13.0 < 13.5"
-
Affected
Postgresql
Search vendor "Postgresql"
Postgresql
Search vendor "Postgresql" for product "Postgresql"
14.0
Search vendor "Postgresql" for product "Postgresql" and version "14.0"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
34
Search vendor "Fedoraproject" for product "Fedora" and version "34"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
35
Search vendor "Fedoraproject" for product "Fedora" and version "35"
-
Affected
Redhat
Search vendor "Redhat"
Software Collections
Search vendor "Redhat" for product "Software Collections"
1.0
Search vendor "Redhat" for product "Software Collections" and version "1.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
8.0
Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Ibm Z Systems
Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems"
8.0
Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "8.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Power Little Endian
Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian"
8.0
Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "8.0"
-
Affected