Vulnerabilities > CVE-2023-2454

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

postgresql

redhat

fedoraproject

NVD

Published: 2023-06-09

Updated: 2023-07-06

Summary

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Postgresql Postgresql Postgresql 15.0 Postgresql Postgresql 15.1 Postgresql Postgresql 15.2 Postgresql Postgresql 14.0 Postgresql Postgresql 14.1 Postgresql Postgresql 14.2 Postgresql Postgresql 14.3 Postgresql Postgresql 14.4 Postgresql Postgresql 14.5 Postgresql Postgresql 14.6 Postgresql Postgresql 14.7 Postgresql Postgresql 13.0 Postgresql Postgresql 13.1 Postgresql Postgresql 13.2 Postgresql Postgresql 13.3 Postgresql Postgresql 13.4 Postgresql Postgresql 13.5 Postgresql Postgresql 13.6 Postgresql Postgresql 13.7 Postgresql Postgresql 13.8 Postgresql Postgresql 13.9 Postgresql Postgresql 13.10 Postgresql Postgresql 12.0 Postgresql Postgresql 12.1 Postgresql Postgresql 12.2 Postgresql Postgresql 12.3 Postgresql Postgresql 12.4 Postgresql Postgresql 12.5 Postgresql Postgresql 12.6 Postgresql Postgresql 12.7 Postgresql Postgresql 12.8 Postgresql Postgresql 12.9 Postgresql Postgresql 12.10 Postgresql Postgresql 12.11 Postgresql Postgresql 12.12 Postgresql Postgresql 12.13 Postgresql Postgresql 12.14 Postgresql Postgresql 11.0 Postgresql Postgresql 11.1 Postgresql Postgresql 11.2 Postgresql Postgresql 11.3 Postgresql Postgresql 11.4 Postgresql Postgresql 11.5 Postgresql Postgresql 11.6 Postgresql Postgresql 11.7 Postgresql Postgresql 11.8 Postgresql Postgresql 11.9 Postgresql Postgresql 11.10 Postgresql Postgresql 11.11 Postgresql Postgresql 11.12 Postgresql Postgresql 11.13 Postgresql Postgresql 11.14 Postgresql Postgresql 11.15 Postgresql Postgresql 11.16 Postgresql Postgresql 11.17 Postgresql Postgresql 11.18 Postgresql Postgresql 11.19	57
Application	Redhat Redhat Software Collections -	1
OS	Redhat Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0	2
OS	Fedoraproject Fedoraproject Fedora 38	1

Vulnerabilities > CVE-2023-2454 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2023-2454"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2023-2454