| VID |
25322 |
| Severity |
20 |
| Port |
5432 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of PostgreSQL installed on the remote host is 10.x prior to 10.12. it is potentially affected by a vulnerability :
- ALTER ... DEPENDS ON EXTENSION is missing authorization checks. (CVE-2020-1720)
* References:
https://www.postgresql.org/about/news/2011/
https://access.redhat.com/security/cve/CVE-2020-1720
* Platforms Affected:
PostgreSQL 10.x prior to 10.12
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PostgreSQL (10.12 or later), available from the PostgreSQL Web page at http://www.postgresql.org/download/ |
| Related URL |
CVE-2020-1720 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
