CVE-2020-10733: Untrusted Search Path in PostgreSQL

Severity: 7.3 HIGH (NVD)
EPSS: 0.2% (top 51.77%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 16; latest update May 24

Description

The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.3 | Impact: 5.9

Affected Packages (3 packages)

NVD: postgresql/postgresql, versions 9.5, 9.5.22 (+4 more)
CVEListV5: postgresql/postgresql, versions 9.5, 9.6, 10, 11, 12

Vulnerability Details (1)

GHSA: GHSA-r2p6-249c-3h56: The Windows installer for PostgreSQL 9… (2022-05-24)

Vendor Advisories (1)

Microsoft: The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working… (2020-09-08)