Description

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.

Remediation

References

CVE-2017-7546

Related Vulnerabilities

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)

WordPress Plugin Picturesurf Gallery 'upload.php' Arbitrary File Upload (1.2)

WordPress Plugin BIC Media Widget Cross-Site Scripting (1.0)

WordPress Other Vulnerability (CVE-2007-0109)

TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)

Severity

Critical

Classification

CVE-2017-7546 CWE-287 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities