Description

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.

Remediation

References

CVE-2017-7546

Related Vulnerabilities

WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.3.8)

qdPM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-26165)

WordPress Plugin uTubeVideo Gallery Cross-Site Scripting (2.0.7)

OpenSSL Resource Management Errors Vulnerability (CVE-2012-1165)

WordPress Plugin Product Slider For WooCommerce Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.5)

Severity

Critical

Classification

CVE-2017-7546 CWE-287 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities