Authorization Bypass in EnterpriseDB Postgres Advanced Server
CVE-2023-41118
8.8HIGH
What is CVE-2023-41118?
An issue was identified in EnterpriseDB Postgres Advanced Server, allowing authenticated users to circumvent authorization measures. This flaw enables users to execute various file operations, such as reading, writing, copying, renaming, and deleting, on directories set up by superusers via the CREATE DIRECTORY command. This vulnerability poses a significant risk by potentially exposing sensitive data and compromising system integrity.