CVE-2017-7546

CVE-2017-7546

Vendor Postgresql
Product postgresql
Weakness CWE-287 · Improper authentication
Published August 16, 2017
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.

Key dates

02Disclosure timeline

August 16, 2017 CVE published
September 16, 2024 Record updated