CVE-2020-1720

A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.

CVSS v3 6.5 MEDIUM
CVSS v2.0 3.5 LOW

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720	Issue Tracking Patch Third Party Advisory
https://www.postgresql.org/about/news/2011/	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:decision_manager:7.0:::::::*
	cpe:2.3:a:redhat:software_collections:-:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

History

No history.

Information

Published : 2020-03-17 16:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-1720

Mitre link : CVE-2020-1720

CVE.ORG link : CVE-2020-1720

JSON object : View

Products Affected

redhat

decision_manager
software_collections
enterprise_linux

postgresql

postgresql

CWE

CWE-862

Missing Authorization

CWE-285

Improper Authorization

{"id": "CVE-2020-1720", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.6}]}, "published": "2020-03-17T16:15:11.127", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.postgresql.org/about/news/2011/", "tags": ["Release Notes", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in PostgreSQL's \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17."}, {"lang": "es", "value": "Se detect\u00f3 un fallo en \"ALTER ... DEPENDS ON EXTENSION\" de PostgreSQL, donde los subcomandos no realizaron comprobaciones de autorizaci\u00f3n. Un atacante autenticado podr\u00eda usar este fallo en determinadas configuraciones para realizar objetos de descarte, tales como funciones, activadores, y otros, que conllevan a una corrupci\u00f3n de la base de datos. Este problema afecta a PostgreSQL versiones anteriores a 12.2, anteriores a 11.7, anteriores a 10.12 y anteriores a 9.6.17."}], "lastModified": "2023-11-07T03:19:29.340", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22433FE2-7BED-41DA-9F81-00274B7EA316", "versionEndExcluding": "9.6.17", "versionStartIncluding": "9.6"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF0F2CCE-26D6-4B21-BF2C-30AC1B22C9FB", "versionEndExcluding": "10.12", "versionStartIncluding": "10.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A0FB544-6CEC-47D1-87D5-AC7C5D10B22F", "versionEndExcluding": "11.7", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "278D8AE0-EEB8-43E2-AB98-49B3305B9D21", "versionEndExcluding": "12.2", "versionStartIncluding": "12.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4"}, {"criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}