| VID |
25324 |
| Severity |
20 |
| Port |
5432 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of PostgreSQL installed on the remote host is 12.x prior to 12.2. it is potentially affected by a vulnerability :
- ALTER ... DEPENDS ON EXTENSION is missing authorization checks. (CVE-2020-1720)
* References:
https://www.postgresql.org/about/news/2011/
https://access.redhat.com/security/cve/CVE-2020-1720
* Platforms Affected:
PostgreSQL 12.x prior to 12.2
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PostgreSQL (12.2 or later), available from the PostgreSQL Web page at http://www.postgresql.org/download/ |
| Related URL |
CVE-2020-1720 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
