CVE-2020-25696

moderate-risk
Published 2020-11-23

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Do I need to act?

-
0.47% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / HIGH complexity

Affected Products (2)

Affected Vendors

Debian Postgresql

References (8)

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1894430
Mailing List https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html
Third Party Advisory https://security.gentoo.org/glsa/202012-07
Release Notes https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524...
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1894430
Mailing List https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html
Third Party Advisory https://security.gentoo.org/glsa/202012-07
Release Notes https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524...
31
/ 100
moderate-risk
Severity 22/34 · High
Exploitability 2/34 · Minimal
Exposure 7/34 · Low