certfr_avis - certfr-2022-avi-460

CERTFR-2022-AVI-460

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans PostgreSQL. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
PostgreSQL	PostgreSQL	PostgreSQL versions 10.x antérieures à 10.21
PostgreSQL	PostgreSQL	PostgreSQL versions 12.x antérieures à 12.11
PostgreSQL	PostgreSQL	PostgreSQL versions 14.x antérieures à 14.3
PostgreSQL	PostgreSQL	PostgreSQL versions 13.x antérieures à 13.7
PostgreSQL	PostgreSQL	PostgreSQL versions 11.x antérieures à 11.16

References

Title

Publication Time

Tags

Bulletin de sécurité PostgreSQL CVE-2022-1552 du 12 mai 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PostgreSQL versions 10.x ant\u00e9rieures \u00e0 10.21",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 12.x ant\u00e9rieures \u00e0 12.11",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 14.x ant\u00e9rieures \u00e0 14.3",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 13.x ant\u00e9rieures \u00e0 13.7",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    },
    {
      "description": "PostgreSQL versions 11.x ant\u00e9rieures \u00e0 11.16",
      "product": {
        "name": "PostgreSQL",
        "vendor": {
          "name": "PostgreSQL",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-1552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
    }
  ],
  "initial_release_date": "2022-05-13T00:00:00",
  "last_revision_date": "2022-05-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-460",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-05-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans PostgreSQL. Elle permet \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et\nune \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans PostgreSQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PostgreSQL CVE-2022-1552 du 12 mai 2022",
      "url": "https://www.postgresql.org/support/security/CVE-2022-1552/"
    }
  ]
}

CVE-2022-1552 (GCVE-0-2022-1552)

Vulnerability from cvelistv5

Published

2022-08-31 00:00

Modified

2024-08-03 00:10

Severity ?

CWE

CWE-459 - - Incomplete Cleanup, CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection').

Summary

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=2081126
	https://www.postgresql.org/about/news/postgresql-143-137-1211-1116-and-1021-released-2449/
	https://www.postgresql.org/support/security/CVE-2022-1552/
	https://access.redhat.com/security/cve/CVE-2022-1552
	https://security.netapp.com/advisory/ntap-20221104-0005/
	https://security.gentoo.org/glsa/202211-04	vendor-advisory

Impacted products

	Vendor	Product	Version
	n/a	postgresql	Version: Fixed in postgresql 14.3, postgresql 13.7, postgresql 12.11, postgresql 11.16, postgresql 10.21.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:10:03.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081126"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-143-137-1211-1116-and-1021-released-2449/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2022-1552/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2022-1552"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221104-0005/"
          },
          {
            "name": "GLSA-202211-04",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202211-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "postgresql",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in postgresql 14.3, postgresql 13.7, postgresql 12.11, postgresql 11.16, postgresql 10.21."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user\u0027s objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459- Incomplete Cleanup, CWE-89 - Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027).",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081126"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-143-137-1211-1116-and-1021-released-2449/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2022-1552/"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2022-1552"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221104-0005/"
        },
        {
          "name": "GLSA-202211-04",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202211-04"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-1552",
    "datePublished": "2022-08-31T00:00:00",
    "dateReserved": "2022-05-02T00:00:00",
    "dateUpdated": "2024-08-03T00:10:03.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTFR-2022-AVI-460

Vulnerability from certfr_avis

Solution

CVE-2022-1552 (GCVE-0-2022-1552)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature