---

CVE-2017-7486 - log back

CVE-2017-7486 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Information disclosure
Description	+ A security issue has been found in PostgreSQL < 9.6.3, where the pg_user_mappings view disclosed user mapping options to any user having USAGE privilege on the associated foreign server, including the password. An attacker could then use the password to run arbitrary queries against the server or others accepting the same credentials, not just the limited queries one can issue via foreign tables.
References	+ https://www.postgresql.org/about/news/1746/
Notes