Privilege Escalation Vulnerability in PostgreSQL by Red Hat
CVE-2017-15097

6.5MEDIUM

Key Information:

Vendor
Red Hat
Status
Postgresql Init Script
Vendor
CVE Published:
27 July 2018

Summary

A flaw in the initialization scripts of PostgreSQL provided by Red Hat allows an attacker with access to the postgres user account to escalate privileges and gain root access on the server. This vulnerability can pose significant risks to system integrity and data security, making it critical to apply recommended patches or updates.

Affected Version(s)

postgresql init script all

References

https://access.redhat.com/errata/RHSA-2017:3402
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:3403
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:3405
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.