VDB
CVE-2016-2193
CVE-2016-2193
PUBLISHED
Es existiert eine Schwachstelle in PostgreSQL. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Query Plan für mehr als eine ROLE zu nutzen. Diese Schwachstelle kann dazu führen, dass falsche Row Level Security (RLS) Policies für den Query Plan gesetzt werden können.
EPSS 1.53% · 81.6th percentile
Risk Scores
EPSS Score
1.53%
81.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source PostgreSQL <9.5.2 | |
| IBM | IBM QRadar SIEM <7.5.0 UP11 | |
| IBM | IBM Sterling Connect:Direct <6.1.0.27 | |
| Amazon | Amazon Linux 2 | |
| Red Hat | Red Hat Enterprise Linux |
Timeline
- Apr 3, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-2489.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2489 advisory
- http://www.postgresql.org/about/news/1656/ advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL14-2023-001.html advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL13-2023-001.html advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL12-2023-001.html advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL11-2023-001.html advisory
- http://access.redhat.com/errata/RHSA-2023:7772 advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL14-2024-014.html advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL13-2024-008.html advisory
- https://alas.aws.amazon.com/AL2/ALASPOSTGRESQL14-2024-015.html advisory
- https://www.ibm.com/support/pages/node/7181893 advisory
- https://www.ibm.com/support/pages/node/7182335 advisory