CVE-2018-1053 — Insecure Temporary File in Postgresql
Severity
7.0HIGHNVD
EPSS
0.1%
top 75.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 9
Latest updateMay 13
Description
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is inf…
CVSS vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9
Affected Packages4 packages
Also affects: Debian Linux 7.0, Ubuntu Linux 14.04, 16.04, 17.10
Patches
🔴Vulnerability Details
3💥Exploits & PoCs
1Exploit-DB
▶
📋Vendor Advisories
2💬Community
6Bugzilla▶
CVE-2018-1053 mingw-postgresql: postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask [fedora-all]↗2018-02-09
Bugzilla▶
CVE-2018-1053 mingw-postgresql: postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask [epel-7]↗2018-02-09
Bugzilla▶
CVE-2018-1053 postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask [fedora-all]↗2018-02-09
Bugzilla▶
CVE-2018-1053 postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask↗2018-01-29