CVE-2017-7547

CVE-2017-7547

Vendor Postgresql
Product postgresql
Weakness CWE-522 · Insufficiently protected credentials
Published August 16, 2017
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.

Key dates

02Disclosure timeline

August 16, 2017 CVE published
September 16, 2024 Record updated