CVE-2020-25696

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1894430

https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html

https://security.gentoo.org/glsa/202012-07

https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/

Details

Source: MITRE

Published: 2020-11-23

Updated: 2020-12-15

Type: CWE-697

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.6

Severity: HIGH

Tenable Plugins

View all (43 total)

IDNameProductFamilySeverity
150722Oracle Linux 7 : rh-postgresql10-postgresql (ELSA-2021-9290)NessusOracle Linux Local Security Checks
high
147357NewStart CGSL MAIN 6.02 : libpq Multiple Vulnerabilities (NS-SA-2021-0085)NessusNewStart CGSL Local Security Checks
high
146831openSUSE Security Update : postgresql / postgresql13 (openSUSE-2021-337)NessusSuSE Local Security Checks
high
146009CentOS 8 : postgresql:9.6 (CESA-2020:5619)NessusCentOS Local Security Checks
high
146002CentOS 8 : postgresql:12 (CESA-2020:5620)NessusCentOS Local Security Checks
high
145829CentOS 8 : postgresql:10 (CESA-2020:5567)NessusCentOS Local Security Checks
high
145490SUSE SLES12 Security Update : postgresql, postgresql12, postgresql13 (SUSE-SU-2021:0217-1)NessusSuSE Local Security Checks
high
145243RHEL 8 : postgresql:10 (RHSA-2021:0166)NessusRed Hat Local Security Checks
high
145239SUSE SLED15 / SLES15 Security Update : postgresql, postgresql13 (SUSE-SU-2021:0175-1)NessusSuSE Local Security Checks
high
145227RHEL 8 : postgresql:9.6 (RHSA-2021:0167)NessusRed Hat Local Security Checks
high
145226RHEL 8 : libpq (RHSA-2021:0165)NessusRed Hat Local Security Checks
high
145044RHEL 8 : postgresql:12 (RHSA-2021:0163)NessusRed Hat Local Security Checks
high
145043RHEL 8 : postgresql:9.6 (RHSA-2021:0164)NessusRed Hat Local Security Checks
high
145042RHEL 8 : postgresql:10 (RHSA-2021:0161)NessusRed Hat Local Security Checks
high
144988Amazon Linux AMI : postgresql95, postgresql96 (ALAS-2021-1476)NessusAmazon Linux Local Security Checks
high
144850RHEL 8 : libpq (RHSA-2021:0057)NessusRed Hat Local Security Checks
high
144605RHEL 8 : libpq (RHSA-2020:5638)NessusRed Hat Local Security Checks
high
144565Oracle Linux 8 : ELSA-2020-5619-1: / postgresql:9.6 (ELSA-2020-56191)NessusOracle Linux Local Security Checks
high
144564Oracle Linux 8 : ELSA-2020-5620-1: / postgresql:12 (ELSA-2020-56201)NessusOracle Linux Local Security Checks
high
144561Oracle Linux 8 : ELSA-2020-5567-1: / postgresql:10 (ELSA-2020-55671)NessusOracle Linux Local Security Checks
high
144560RHEL 8 : postgresql:9.6 (RHSA-2020:5661)NessusRed Hat Local Security Checks
high
144559RHEL 8 : postgresql:10 (RHSA-2020:5664)NessusRed Hat Local Security Checks
high
144417RHEL 8 : postgresql:12 (RHSA-2020:5620)NessusRed Hat Local Security Checks
high
144401RHEL 8 : postgresql:10 (RHSA-2020:5567)NessusRed Hat Local Security Checks
high
144395RHEL 8 : postgresql:9.6 (RHSA-2020:5619)NessusRed Hat Local Security Checks
high
144213Oracle Linux 8 : libpq (ELSA-2020-5401)NessusOracle Linux Local Security Checks
high
144204RHEL 8 : libpq (RHSA-2020:5401)NessusRed Hat Local Security Checks
high
144160EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2020-2526)NessusHuawei Local Security Checks
high
144060PostgreSQL 9.5.x < 9.5.24 / 9.6.x < 9.6.20 / 10.x < 10.15 / 11.x < 11.10 / 12.x < 12.5 / 13.x < 13.1 Multiple VulnerabilitiesNessusDatabases
high
143871SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2020:3476-1)NessusSuSE Local Security Checks
high
143859SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2020:3463-1)NessusSuSE Local Security Checks
high
143846SUSE SLES15 Security Update : postgresql10 (SUSE-SU-2020:3455-1)NessusSuSE Local Security Checks
high
143737SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2020:3425-1)NessusSuSE Local Security Checks
high
143661SUSE SLES12 Security Update : postgresql10 (SUSE-SU-2020:3464-1)NessusSuSE Local Security Checks
high
143653SUSE SLES12 Security Update : postgresql12 (SUSE-SU-2020:3630-1)NessusSuSE Local Security Checks
high
143617SUSE SLES12 Security Update : postgresql96 (SUSE-SU-2020:3477-1)NessusSuSE Local Security Checks
high
143503GLSA-202012-07 : PostgreSQL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
143461Debian DLA-2478-1 : postgresql-9.6 security updateNessusDebian Local Security Checks
high
143343openSUSE Security Update : postgresql12 (openSUSE-2020-2018)NessusSuSE Local Security Checks
high
143338openSUSE Security Update : postgresql10 (openSUSE-2020-2019)NessusSuSE Local Security Checks
high
143320openSUSE Security Update : postgresql10 (openSUSE-2020-2028)NessusSuSE Local Security Checks
high
143290openSUSE Security Update : postgresql12 (openSUSE-2020-2029)NessusSuSE Local Security Checks
high
142968Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : PostgreSQL vulnerabilities (USN-4633-1)NessusUbuntu Local Security Checks
high