Vulnerability Name:

CVE-2019-10128 (CCN-160901)

Assigned:2019-05-09
Published:2019-05-09
Updated:2022-01-01
Summary:A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:4.1 Medium (CVSS v2 Vector: AV:L/AC:M/Au:S/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-284
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2019-10128

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1707102

Source: XF
Type: UNKNOWN
postgresql-cve201910128-code-exec(160901)

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210430-0004/

Source: CCN
Type: IBM Security Bulletin 6188541 (Robotic Process Automation with Automation Anywhere)
PostgreSQL vulnerabilities in IBM Robotic Process Automation with Automation Anywhere

Source: CCN
Type: PostgreSQL Web site
PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!

Source: MISC
Type: Exploit, Release Notes, Vendor Advisory
https://www.postgresql.org/about/news/1939/

Vulnerable Configuration:Configuration 1:
  • cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version < 9.4.22)
  • OR cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 9.5.0 and < 9.5.17)
  • OR cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 9.6.0 and < 9.6.13)
  • OR cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 10.0 and < 10.8)
  • OR cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 11.0 and < 11.3)
  • AND
  • cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:postgresql:postgresql:11.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:9.4.21:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:9.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:9.6.12:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:10.7:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.cosmic:def:2019101280000000
    V
    		CVE-2019-10128 on Ubuntu 18.10 (cosmic) - medium.
    2019-05-09
    oval:com.ubuntu.bionic:def:2019101280000000
    V
    		CVE-2019-10128 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-05-09
    oval:com.ubuntu.xenial:def:2019101280000000
    V
    		CVE-2019-10128 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-05-09
    BACK
    postgresql postgresql *
    postgresql postgresql *
    postgresql postgresql *
    postgresql postgresql *
    postgresql postgresql *
    microsoft windows -
    postgresql postgresql 11.2
    postgresql postgresql 9.4.21
    postgresql postgresql 9.5.16
    postgresql postgresql 9.6.12
    postgresql postgresql 10.7