CVE-2017-7486 log

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
A security issue has been found in PostgreSQL < 9.6.3, where the pg_user_mappings view disclosed user mapping options to any user having USAGE privilege on the associated foreign server, including the password. An attacker could then use the password to run arbitrary queries against the server or others accepting the same credentials, not just the limited queries one can issue via foreign tables.
Group Package Affected Fixed Severity Status Ticket
AVG-272 postgresql 9.6.2-1 9.6.3-1 Medium Fixed
Date Advisory Group Package Severity Description
30 May 2017 ASA-201705-23 AVG-272 postgresql Medium information disclosure
References
https://www.postgresql.org/about/news/1746/