CVE-2013-1903

HIGH

Description

PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.postgresql.org/about/news/1456/

http://www.postgresql.org/support/security/

Details

Source: MITRE

Published: 2013-04-04

Updated: 2017-10-20

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH