ID CVE-2020-1720
Summary A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.
References
Vulnerable Configurations
  • cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.8:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.10:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.10:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.11:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.11:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.12:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.12:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.13:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.13:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.14:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.14:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.6.15:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.6.15:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.7:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.8:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.9:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.9:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.10:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.10:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:12.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:12.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:virtualization:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:virtualization:4.0:*:*:*:*:*:*:*
CVSS
Base: 3.5 (as of 17-08-2020 - 19:15)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:S/C:N/I:P/A:N
redhat via4
advisories
bugzilla
id 1865746
title CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 8 is installed
      oval oval:com.redhat.rhba:tst:20193384074
    • comment Module postgresql:10 is enabled
      oval oval:com.redhat.rhsa:tst:20203669029
    • OR
      • AND
        • comment postgresql is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669001
        • comment postgresql is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908002
      • AND
        • comment postgresql-contrib is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669003
        • comment postgresql-contrib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908004
      • AND
        • comment postgresql-debugsource is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669005
        • comment postgresql-debugsource is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20203669006
      • AND
        • comment postgresql-docs is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669007
        • comment postgresql-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908008
      • AND
        • comment postgresql-plperl is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669009
        • comment postgresql-plperl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908012
      • AND
        • comment postgresql-plpython3 is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669011
        • comment postgresql-plpython3 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20203669012
      • AND
        • comment postgresql-pltcl is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669013
        • comment postgresql-pltcl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908016
      • AND
        • comment postgresql-server is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669015
        • comment postgresql-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908018
      • AND
        • comment postgresql-server-devel is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669017
        • comment postgresql-server-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20203669018
      • AND
        • comment postgresql-static is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669019
        • comment postgresql-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171983020
      • AND
        • comment postgresql-test is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669021
        • comment postgresql-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908020
      • AND
        • comment postgresql-test-rpm-macros is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669023
        • comment postgresql-test-rpm-macros is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20203669024
      • AND
        • comment postgresql-upgrade is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669025
        • comment postgresql-upgrade is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150750033
      • AND
        • comment postgresql-upgrade-devel is earlier than 0:10.14-1.module+el8.2.0+7801+be0fed80
          oval oval:com.redhat.rhsa:tst:20203669027
        • comment postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20203669028
rhsa
id RHSA-2020:3669
released 2020-09-08
severity Moderate
title RHSA-2020:3669: postgresql:10 security and bug fix update (Moderate)
rpms
  • ovirt-engine-0:4.3.10.3-0.2.el7
  • ovirt-engine-backend-0:4.3.10.3-0.2.el7
  • ovirt-engine-dbscripts-0:4.3.10.3-0.2.el7
  • ovirt-engine-extensions-api-impl-0:4.3.10.3-0.2.el7
  • ovirt-engine-extensions-api-impl-javadoc-0:4.3.10.3-0.2.el7
  • ovirt-engine-health-check-bundler-0:4.3.10.3-0.2.el7
  • ovirt-engine-restapi-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-base-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-plugin-cinderlib-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-plugin-ovirt-engine-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-plugin-ovirt-engine-common-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.3.10.3-0.2.el7
  • ovirt-engine-setup-plugin-websocket-proxy-0:4.3.10.3-0.2.el7
  • ovirt-engine-tools-0:4.3.10.3-0.2.el7
  • ovirt-engine-tools-backup-0:4.3.10.3-0.2.el7
  • ovirt-engine-vmconsole-proxy-helper-0:4.3.10.3-0.2.el7
  • ovirt-engine-webadmin-portal-0:4.3.10.3-0.2.el7
  • ovirt-engine-websocket-proxy-0:4.3.10.3-0.2.el7
  • python2-ovirt-engine-lib-0:4.3.10.3-0.2.el7
  • rh-postgresql10-postgresql-0:10.12-2.el7
  • rh-postgresql10-postgresql-contrib-0:10.12-2.el7
  • rh-postgresql10-postgresql-contrib-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-debuginfo-0:10.12-2.el7
  • rh-postgresql10-postgresql-devel-0:10.12-2.el7
  • rh-postgresql10-postgresql-docs-0:10.12-2.el7
  • rh-postgresql10-postgresql-libs-0:10.12-2.el7
  • rh-postgresql10-postgresql-plperl-0:10.12-2.el7
  • rh-postgresql10-postgresql-plpython-0:10.12-2.el7
  • rh-postgresql10-postgresql-pltcl-0:10.12-2.el7
  • rh-postgresql10-postgresql-server-0:10.12-2.el7
  • rh-postgresql10-postgresql-server-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-static-0:10.12-2.el7
  • rh-postgresql10-postgresql-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-test-0:10.12-2.el7
  • rhvm-0:4.3.10.3-0.2.el7
  • rh-postgresql10-postgresql-0:10.12-2.el7
  • rh-postgresql10-postgresql-contrib-0:10.12-2.el7
  • rh-postgresql10-postgresql-contrib-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-debuginfo-0:10.12-2.el7
  • rh-postgresql10-postgresql-devel-0:10.12-2.el7
  • rh-postgresql10-postgresql-docs-0:10.12-2.el7
  • rh-postgresql10-postgresql-libs-0:10.12-2.el7
  • rh-postgresql10-postgresql-plperl-0:10.12-2.el7
  • rh-postgresql10-postgresql-plpython-0:10.12-2.el7
  • rh-postgresql10-postgresql-pltcl-0:10.12-2.el7
  • rh-postgresql10-postgresql-server-0:10.12-2.el7
  • rh-postgresql10-postgresql-server-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-static-0:10.12-2.el7
  • rh-postgresql10-postgresql-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-test-0:10.12-2.el7
  • postgresql-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-contrib-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-contrib-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-debugsource-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-docs-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-docs-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plperl-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plperl-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plpython3-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plpython3-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-pltcl-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-pltcl-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-devel-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-devel-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-static-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-test-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-test-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-test-rpm-macros-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-devel-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-devel-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720
misc https://www.postgresql.org/about/news/2011/
suse openSUSE-SU-2020:1227
Last major update 17-08-2020 - 19:15
Published 17-03-2020 - 16:15
Last modified 17-08-2020 - 19:15
Back to Top