When the server is configured to use trust
authentication with a clientcert
requirement or to use cert
authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2011-0411 (different product).
The PostgreSQL project thanks Jacob Champion for reporting this problem.
Affected Version | Fixed In | Fix Published |
---|---|---|
14 | 14.1 | Nov. 11, 2021 |
13 | 13.5 | Nov. 11, 2021 |
12 | 12.9 | Nov. 11, 2021 |
11 | 11.14 | Nov. 11, 2021 |
10 | 10.19 | Nov. 11, 2021 |
9.6 | 9.6.24 | Nov. 11, 2021 |
For more information about PostgreSQL versioning, please visit the versioning page.
Overall Score | 8.1 |
---|---|
Component | core server |
Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
If you wish to report a new security vulnerability in PostgreSQL, please send an email to security@postgresql.org.
For reporting non-security bugs, please see the Report a Bug page.