Description
In pgjdbc before 42.3.3, an attacker (who controls the JDBC URL or properties) can cause the driver to create a java.util.logging.FileHandler and so write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties.
A flaw was found in Postgres JDBC. The driver's handling of connection properties lets an attacker write arbitrary files. For example, an attacker can create an executable file on the server where the application is running and have it treated as part of the application or server.
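The practical defence on the application side is the one the vendor's note implies: never hand pgjdbc a URL or Properties object that an untrusted party can shape. The guard below is an added example written for this page (it is not pgjdbc code and it does not connect to a database): it parses the query part of a `jdbc:postgresql://` URL, reports any loggerFile/loggerLevel key arriving through the URL or the Properties object, and rebuilds the settings from an allowlist so only known-harmless keys reach the driver. The allowlist contents, the class name and the sample URL are assumptions made for the example; the URL-decoding call requires Java 10 or later.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.Set;

/**
 * Guard for pgjdbc connection settings that arrive from an untrusted source
 * (a tenant-supplied JDBC URL, an admin form, an imported config file).
 * Example code written for this advisory page; it is not part of pgjdbc.
 */
public final class PgJdbcPropertyGuard {

    /** Keys this example lets external configuration set. Assumed list; tailor it to the application. */
    private static final Set<String> ALLOWED = new HashSet<>(Arrays.asList(
            "user", "password", "ssl", "sslmode", "sslrootcert",
            "connectTimeout", "socketTimeout", "ApplicationName", "currentSchema"));

    /** The two properties named in the CVE, lower-cased: in pgjdbc before 42.3.3 they make the
     *  driver open a java.util.logging.FileHandler on an attacker-chosen path. */
    private static final Set<String> FILE_WRITE_KEYS = new HashSet<>(Arrays.asList("loggerfile", "loggerlevel"));

    private PgJdbcPropertyGuard() {
    }

    /** Splits the query part of jdbc:postgresql://host:port/db?k=v&k2=v2 into an ordered map. */
    public static Map<String, String> parseQuery(String jdbcUrl) {
        Map<String, String> out = new LinkedHashMap<>();
        int q = jdbcUrl.indexOf('?');
        if (q < 0) {
            return out;
        }
        for (String pair : jdbcUrl.substring(q + 1).split("&")) {
            if (pair.isEmpty()) {
                continue;
            }
            int eq = pair.indexOf('=');
            String key = eq < 0 ? pair : pair.substring(0, eq);
            String value = eq < 0 ? "" : pair.substring(eq + 1);
            // Decode before comparing so a percent-encoded key (logger%46ile) is not overlooked.
            out.put(URLDecoder.decode(key, StandardCharsets.UTF_8),
                    URLDecoder.decode(value, StandardCharsets.UTF_8));
        }
        return out;
    }

    /** Every key, from the URL and the Properties, matching loggerFile/loggerLevel (case-insensitive, to be conservative). */
    public static Set<String> findFileWriteKeys(String jdbcUrl, Properties props) {
        Set<String> hits = new HashSet<>();
        for (String k : parseQuery(jdbcUrl).keySet()) {
            if (FILE_WRITE_KEYS.contains(k.toLowerCase(Locale.ROOT))) {
                hits.add("url:" + k);
            }
        }
        for (String k : props.stringPropertyNames()) {
            if (FILE_WRITE_KEYS.contains(k.toLowerCase(Locale.ROOT))) {
                hits.add("props:" + k);
            }
        }
        return hits;
    }

    /** The URL with its query string removed; all settings then travel through the allowlisted Properties. */
    public static String baseUrl(String jdbcUrl) {
        int q = jdbcUrl.indexOf('?');
        return q < 0 ? jdbcUrl : jdbcUrl.substring(0, q);
    }

    /** Merges URL parameters and Properties, keeping only ALLOWED keys (exact-case match); everything else is dropped. */
    public static Properties allowlist(String jdbcUrl, Properties props) {
        Properties safe = new Properties();
        for (String k : props.stringPropertyNames()) {
            if (ALLOWED.contains(k)) {
                safe.setProperty(k, props.getProperty(k));
            }
        }
        for (Map.Entry<String, String> e : parseQuery(jdbcUrl).entrySet()) {
            if (ALLOWED.contains(e.getKey())) {
                safe.setProperty(e.getKey(), e.getValue());
            }
        }
        return safe;
    }

    public static void main(String[] args) {
        // Constructed sample input: a tenant-supplied URL that abuses the two properties to drop a JSP under a Tomcat web root.
        String url = "jdbc:postgresql://db.example.internal:5432/app"
                + "?user=app&loggerLevel=DEBUG&loggerFile=/opt/tomcat/webapps/ROOT/cmd.jsp";
        Properties props = new Properties();
        props.setProperty("password", "s3cret");
        props.setProperty("loggerFile", "/tmp/other.log");

        Set<String> hits = findFileWriteKeys(url, props);
        System.out.println("file-write keys present: " + hits);
        // Policy A (strictest): refuse the configuration outright when any such key is present.
        if (!hits.isEmpty()) {
            System.out.println("rejecting untrusted connection settings");
        }
        // Policy B: reduce to the allowlist and pass the result to DriverManager.getConnection(baseUrl(url), safe).
        Properties safe = allowlist(url, props);
        System.out.println("url handed to the driver: " + baseUrl(url));
        System.out.println("properties handed to the driver: " + safe);
    }
}
```

Rejecting (policy A) is preferable where the configuration is supposed to come only from operators, because the presence of these keys is itself a signal worth alerting on. The allowlist (policy B) is the fallback for multi-tenant products that must accept partial settings from customers. Neither replaces upgrading to 42.3.3 or later, which is the version boundary the description gives; the guard protects the application against whatever other property the driver may act on in future, which is the point of the vendor's note.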
Statement
Red Hat notes that, although its rating differs from the NVD CVSSv3 score, there is a particular circumstance in this CVE that keeps it at Moderate. For an attacker to benefit, they would need access to modify a configuration file and to write a file where it is needed. This requires a non-default configuration, and an untrusted user is not expected to be allowed to perform this kind of setting.
Affected packages
Platform | Package | State | Recommendation | Release |
---|---|---|---|---|
Red Hat build of Debezium 1 | jdbc-postgresql | Affected | ||
Red Hat build of Quarkus | quarkus-jdbc-postgresql | Not affected | ||
Red Hat Enterprise Linux 6 | postgresql-jdbc | Out of support scope | ||
Red Hat Enterprise Linux 7 | postgresql-jdbc | Out of support scope | ||
Red Hat Enterprise Linux 8 | libreoffice:flatpak/postgresql-jdbc | Not affected | ||
Red Hat Enterprise Linux 8 | postgresql-jdbc | Not affected | ||
Red Hat Enterprise Linux 9 | libreoffice:flatpak/postgresql-jdbc | Not affected | ||
Red Hat Enterprise Linux 9 | postgresql-jdbc | Not affected | ||
Red Hat Integration Camel K 1 | jdbc-postgresql | Will not fix | ||
Red Hat Integration Camel Quarkus 1 | jdbc-postgresql | Not affected | ||
Additional information
Status:
EPSS:
CVSS3: 9.8 Critical
Related vulnerabilities
** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties.
Feature update for ongres-scram, ongres-stringprep, postgresql-jdbc