Vulnerability Description
A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code.
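To check whether an installation still carries the inherited, unlocked ACL this record describes, the following PowerShell audit can be run as an administrator on the host. It is an added example, not code from the CVE record or from PostgreSQL/EnterpriseDB; the directory paths and the list of broad principals are assumptions to adjust for the installation being reviewed.

```powershell
# Added example (not from the CVE record or from PostgreSQL/EnterpriseDB):
# report whether PostgreSQL's data and binary directories on Windows still
# inherit their ACL and grant broad local groups access.

$PathsToCheck = @(
    'C:\Program Files\PostgreSQL\11\data',   # assumed data directory
    'C:\Program Files\PostgreSQL\11\bin'     # assumed binary directory
)

# Broad principals that normally have no business on these directories;
# the service account, SYSTEM and Administrators are expected instead.
$BroadPrincipals = @('BUILTIN\Users', 'Everyone', 'NT AUTHORITY\Authenticated Users')

function Test-PostgresDirectoryAcl {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Exists = $false; InheritanceEnabled = $null; BroadAccess = @(); Finding = 'path not found' }
    }

    $acl = Get-Acl -LiteralPath $Path
    # AreAccessRulesProtected is $true only once inheritance has been disabled.
    $inherits = -not $acl.AreAccessRulesProtected

    # Collect every Allow rule granted to one of the broad principals.
    $broad = foreach ($rule in $acl.Access) {
        if ($rule.AccessControlType -eq 'Allow' -and
            $BroadPrincipals -contains $rule.IdentityReference.Value) {
            [pscustomobject]@{
                Identity  = $rule.IdentityReference.Value
                Rights    = $rule.FileSystemRights.ToString()
                Inherited = $rule.IsInherited
            }
        }
    }

    $finding = if ($inherits -or $broad) { 'inherited or broad ACL: review and lock down' }
               else { 'ACL is protected and contains no broad principals' }

    [pscustomobject]@{ Path = $Path; Exists = $true; InheritanceEnabled = $inherits
                       BroadAccess = @($broad); Finding = $finding }
}

foreach ($p in $PathsToCheck) {
    $r = Test-PostgresDirectoryAcl -Path $p
    "{0}`n  inheritance enabled: {1}`n  {2}" -f $r.Path, $r.InheritanceEnabled, $r.Finding
    $r.BroadAccess | ForEach-Object { "  {0}: {1} (inherited={2})" -f $_.Identity, $_.Rights, $_.Inherited }
}
```

A directory that reports inheritance enabled or any BUILTIN\Users / Everyone entry matches the condition in the description above and should be compared against the vendor advisory in the references.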
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Postgresql | Postgresql | < 9.4.22 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1707102 (Issue Tracking, Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20210430-0004/ (Third Party Advisory)
- https://www.postgresql.org/about/news/1939/ (Exploit, Release Notes, Vendor Advisory)
FAQ
What is CVE-2019-10128?
CVE-2019-10128 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the A...
How severe is CVE-2019-10128?
CVE-2019-10128 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2019-10128?
Check the references section above for vendor advisories and patch information. Affected products include: Postgresql Postgresql, Microsoft Windows.