PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
References
Link | Resource |
---|---|
http://www.debian.org/security/2017/dsa-3935 | Third Party Advisory |
http://www.debian.org/security/2017/dsa-3936 | Third Party Advisory |
http://www.securityfocus.com/bid/100278 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039142 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:2677 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2678 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2728 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2860 | Third Party Advisory |
https://security.gentoo.org/glsa/201710-06 | Third Party Advisory |
https://www.postgresql.org/about/news/1772/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2017-08-10T00:00:00
Updated: 2017-12-30T10:57:01
Reserved: 2017-04-05T00:00:00
Link: CVE-2017-7546
JSON object: View
NVD Information
Status : Modified
Published: 2017-08-16T18:29:00.207
Modified: 2019-10-09T23:29:44.530
Link: CVE-2017-7546
JSON object: View
Redhat Information
No data.
CWE