CVE-2023-39417 — SQL Injection in Postgresql

CWE-89 — SQL Injection11 documents9 sources

Severity

8.8HIGHNVD

CNA7.5

EPSS

0.7%

top 28.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Postgresql Debian Linux Redhat Enterprise Linux

Timeline

PublishedAug 11

Latest updateFeb 15

Description

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDpostgresql/postgresql11.0 — 11.21+4

Also affects: Debian Linux 11.0, 12.0, 8.0, Enterprise Linux 8.0, 9.0

🔴Vulnerability Details

OSV

postgresql-12, postgresql-14, postgresql-15 vulnerabilities↗2023-08-17

▶

CVEList

Postgresql: extension script @substitutions@ within quoting allow sql injection↗2023-08-11

▶

GHSA

GHSA-jx3x-j983-74m3: IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:↗2023-08-11

▶

OSV

CVE-2023-39417: IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:↗2023-08-11

▶

📋Vendor Advisories

CISA ICS

Siemens SINEC NMS↗2024-02-15

▶

Ubuntu

PostgreSQL vulnerability↗2023-09-13

▶

Ubuntu

PostgreSQL vulnerabilities↗2023-08-17

▶

Red Hat

postgresql: extension script @substitutions@ within quoting allow SQL injection↗2023-08-10

▶

Microsoft

Postgresql: extension script @substitutions@ within quoting allow sql injection↗2023-08-08

▶