CVE-2023-2455 — Improper Input Validation in Postgresql
Severity
5.4MEDIUMNVD
CNA7.5OSV7.5OSV7.2
EPSS
0.2%
top 54.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 9
Latest updateNov 14
Description
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5
Affected Packages2 packages
Also affects: Fedora 38, Enterprise Linux 8.0, 9.0
🔴Vulnerability Details
7GHSA▶
GHSA-9cv8-8vgq-fg45: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended↗2024-11-14
OSV▶
CVE-2024-10976: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended↗2024-11-14
OSV▶
CVE-2023-2455: Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-s↗2023-06-09
CVEList▶
CVE-2023-2455: Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-s↗2023-06-09
📋Vendor Advisories
7Red Hat
▶
Debian▶
CVE-2024-10976: postgresql-13 - Incomplete tracking in PostgreSQL of tables with row security allows a reused qu...↗2024
Microsoft▶
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is pla↗2023-06-13