CVE-2017-7486 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Information disclosure |
| Description | A security issue has been found in PostgreSQL < 9.6.3, where the pg_user_mappings view disclosed user mapping options to any user having USAGE privilege on the associated foreign server, including the password. An attacker could then use the password to run arbitrary queries against the server or others accepting the same credentials, not just the limited queries one can issue via foreign tables. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-272 | postgresql | 9.6.2-1 | 9.6.3-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 30 May 2017 | ASA-201705-23 | AVG-272 | postgresql | Medium | information disclosure |
| References |
|---|
https://www.postgresql.org/about/news/1746/ |