From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
---|---|
To: | "bkindrajeeth(at)gmail(dot)com" <bkindrajeeth(at)gmail(dot)com>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
Subject: | Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs |
Date: | 2025-02-18 14:37:30 |
Message-ID: | CAKFQuwZ5WbsxVd1K_jm=nyPqNZ7K99X+2q_aSD1ukDMNobcuVA@mail.gmail.com |
Lists: | pgsql-bugs |
On Tuesday, February 18, 2025, PG Bug reporting form <noreply(at)postgresql(dot)org>
wrote:
> The following bug has been logged on the website:
>
> Bug reference: 18817
> Logged by: Indrajeet Deshmukh
> Email address: bkindrajeeth(at)gmail(dot)com
> PostgreSQL version: 15.0
> Operating system: Linux
> Description:
>
> Namaste Team,
>
> During the integration of PostgreSQL Database v15 logs into a SIEM
> solution, I observed that user passwords are logged in plaintext when a user
> is created using the database command. This poses a serious security risk as
> credentials could be exposed to unauthorized users who have access to the
> logs.
>
> Vendor: PostgreSQL
> Product: PostgreSQL Database
> Version: 15
> Severity: High
> Issue Type: Security Vulnerability
>
> Steps to Reproduce:
> Open the PostgreSQL Database CLI or execute the command via a script.
> Run the following command to create a new user:
>
> CREATE USER indrajeet WITH PASSWORD 'indrajeet'
The long-standing position here is that the encrypted password being found
in the logs is not a security issue needing fixing. It’s maybe a bit
unfortunate that we provide both secure and insecure methods for setting or
changing a password but we do. Use the secure methods. Which means
compute the encrypted password off-server and send that instead of the
clear text version.
David J.
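The off-server approach David describes, as an added example that is not part of the thread and not PostgreSQL's own code: derive the SCRAM-SHA-256 verifier on the client (the same RFC 5802/7677 key derivation that libpq's PQencryptPasswordConn() and psql's \password perform) and send the verifier in the CREATE USER statement, so the text that reaches the statement log is the hash rather than the password. The role name, password and function names below are made up for the example; the code skips SASLprep, which is a no-op for ASCII passwords, and uses PostgreSQL's default 4096 iterations and 16-byte salt.

```python
import base64
import hashlib
import hmac
import os
import re
from typing import Optional, Tuple

# PostgreSQL's defaults for password_encryption = scram-sha-256.
SCRAM_ITERATIONS = 4096
SCRAM_SALT_LEN = 16


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def scram_sha256_verifier(password: str, salt: Optional[bytes] = None,
                          iterations: int = SCRAM_ITERATIONS) -> str:
    """Return the verifier PostgreSQL stores in pg_authid.rolpassword:
    SCRAM-SHA-256$<iterations>:<salt>$<StoredKey>:<ServerKey>, with the
    three binary fields base64-encoded (RFC 5802/7677 key derivation).

    Assumption: the password is ASCII, so the SASLprep normalisation that
    libpq applies is a no-op and is omitted here.
    """
    if salt is None:
        salt = os.urandom(SCRAM_SALT_LEN)
    salted_password = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                          salt, iterations)
    client_key = hmac.new(salted_password, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted_password, b"Server Key", hashlib.sha256).digest()
    return f"SCRAM-SHA-256${iterations}:{_b64(salt)}${_b64(stored_key)}:{_b64(server_key)}"


_VERIFIER_RE = re.compile(r"^SCRAM-SHA-256\$(\d+):([^$]+)\$([^:]+):(.+)$")


def parse_verifier(verifier: str) -> Tuple[int, bytes, bytes, bytes]:
    """Split a stored verifier into (iterations, salt, StoredKey, ServerKey)."""
    m = _VERIFIER_RE.match(verifier)
    if m is None:
        raise ValueError("not a SCRAM-SHA-256 verifier")
    return (int(m.group(1)), base64.b64decode(m.group(2)),
            base64.b64decode(m.group(3)), base64.b64decode(m.group(4)))


def password_matches(verifier: str, password: str) -> bool:
    """Re-derive the verifier from its own salt and iteration count and
    compare in constant time (a sanity check before sending it)."""
    iterations, salt, _, _ = parse_verifier(verifier)
    return hmac.compare_digest(scram_sha256_verifier(password, salt, iterations),
                               verifier)


def quote_ident(name: str) -> str:
    return '"' + name.replace('"', '""') + '"'


def quote_literal(value: str) -> str:
    return "'" + value.replace("'", "''") + "'"


def create_user_sql_plaintext(role: str, password: str) -> str:
    """The form from the report: the clear-text password is part of the
    statement text, so it appears wherever the statement is logged."""
    return f"CREATE USER {quote_ident(role)} WITH PASSWORD {quote_literal(password)};"


def create_user_sql(role: str, password: str) -> str:
    """Hardened form: the statement carries only the verifier, so a server
    with log_statement = 'ddl' or 'all' logs the hash, not the password."""
    return (f"CREATE USER {quote_ident(role)} WITH PASSWORD "
            f"{quote_literal(scram_sha256_verifier(password))};")


if __name__ == "__main__":
    # Constructed sample: hypothetical role and password, not from the report.
    role, password = "report_reader", "correct horse battery staple"
    print(create_user_sql_plaintext(role, password))   # password visible
    safe = create_user_sql(role, password)
    print(safe)                                         # only the verifier visible
    verifier = safe.split("'")[1]
    print("verifier re-derives from password:", password_matches(verifier, password))
```

The same verifier string is accepted by ALTER USER ... PASSWORD and by \password in psql, which does this derivation for you. Note the residual exposure: a log that holds the verifier still gives anyone who reads it an offline-crackable hash, so log access control and a strong password remain necessary; the change only removes the clear-text copy.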
| | From | Date | Subject |
|---|---|---|---|
| Next Message | Greg Sabino Mullane | 2025-02-18 14:38:38 | Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs |
| Previous Message | Indrajeeth Deshmukh | 2025-02-18 12:52:36 | Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs |