Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-7484

Опубликовано: 12 мая 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.

РелизСтатусПримечание
artful

DNE

bionic

not-affected

10.1-1
cosmic

not-affected

10.1-1
devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

10.1-1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
precise/esm

ignored

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was needed
upstream

needed

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

not-affected

9.3.17-0ubuntu0.14.04
precise/esm

DNE

trusty

released

9.3.17-0ubuntu0.14.04
trusty/esm

not-affected

9.3.17-0ubuntu0.14.04
upstream

needed

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

9.5.7-0ubuntu0.16.04
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

9.6.4-1
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

9.6.3

Показывать по

Ссылки на источники

EPSS

Процентиль: 75%
0.00897
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-7484

CVSS3: 4.3
redhat
около 8 лет назад

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.

nvd логотип

CVE-2017-7484

CVSS3: 7.5
nvd
около 8 лет назад

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.

debian логотип

CVE-2017-7484

CVSS3: 7.5
debian
около 8 лет назад

It was found that some selectivity estimation functions in PostgreSQL ...

github логотип

GHSA-pwf5-pc7m-6hp4

CVSS3: 7.5
github
около 3 лет назад

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.

fstec логотип

BDU:2019-03334

CVSS3: 7.5
fstec
около 8 лет назад

Уязвимость системы управления базами данных PostgreSQL, связанная с отсутствием проверки привилегии пользователя перед предоставлением информации из pg_statistic, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 75%
0.00897
Низкий

5 Medium

CVSS2

7.5 High

CVSS3