CVE-2020-1720 - OpenCVE

A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Enterprise Linux Software Collections Decision Manager
Postgresql	Postgresql

Configuration 1 [-]

OR	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::

Configuration 2 [-]

OR	cpe:2.3:a:redhat:decision_manager:7.0:::::::*
	cpe:2.3:a:redhat:software_collections:-:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720	Issue Tracking Patch Third Party Advisory
https://www.postgresql.org/about/news/2011/	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2020-03-17T15:28:24

Updated: 2020-08-17T17:06:13

Reserved: 2019-11-27T00:00:00

Link: CVE-2020-1720

JSON object: View

NVD Information

Status : Modified

Published: 2020-03-17T16:15:11.127

Modified: 2023-11-07T03:19:29.340

Link: CVE-2020-1720

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "postgresql", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "12.2"}, {"status": "affected", "version": "11.7"}, {"status": "affected", "version": "10.12"}, {"status": "affected", "version": "9.6.17"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in PostgreSQL's \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-08-17T17:06:13", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720"}, {"tags": ["x_refsource_MISC"], "url": "https://www.postgresql.org/about/news/2011/"}, {"name": "openSUSE-SU-2020:1227", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-1720", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "postgresql", "version": {"version_data": [{"version_value": "12.2"}, {"version_value": "11.7"}, {"version_value": "10.12"}, {"version_value": "9.6.17"}]}}]}, "vendor_name": "Red Hat"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in PostgreSQL's \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17."}]}, "impact": {"cvss": [[{"vectorString": "3.1/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720"}, {"name": "https://www.postgresql.org/about/news/2011/", "refsource": "MISC", "url": "https://www.postgresql.org/about/news/2011/"}, {"name": "openSUSE-SU-2020:1227", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-1720", "datePublished": "2020-03-17T15:28:24", "dateReserved": "2019-11-27T00:00:00", "dateUpdated": "2020-08-17T17:06:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "22433FE2-7BED-41DA-9F81-00274B7EA316", "versionEndExcluding": "9.6.17", "versionStartIncluding": "9.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF0F2CCE-26D6-4B21-BF2C-30AC1B22C9FB", "versionEndExcluding": "10.12", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A0FB544-6CEC-47D1-87D5-AC7C5D10B22F", "versionEndExcluding": "11.7", "versionStartIncluding": "11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "278D8AE0-EEB8-43E2-AB98-49B3305B9D21", "versionEndExcluding": "12.2", "versionStartIncluding": "12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in PostgreSQL's \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17."}, {"lang": "es", "value": "Se detect\u00f3 un fallo en \"ALTER ... DEPENDS ON EXTENSION\" de PostgreSQL, donde los subcomandos no realizaron comprobaciones de autorizaci\u00f3n. Un atacante autenticado podr\u00eda usar este fallo en determinadas configuraciones para realizar objetos de descarte, tales como funciones, activadores, y otros, que conllevan a una corrupci\u00f3n de la base de datos. Este problema afecta a PostgreSQL versiones anteriores a 12.2, anteriores a 11.7, anteriores a 10.12 y anteriores a 9.6.17."}], "id": "CVE-2020-1720", "lastModified": "2023-11-07T03:19:29.340", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2020-03-17T16:15:11.127", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.postgresql.org/about/news/2011/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "secalert@redhat.com", "type": "Secondary"}]}