CVE-2017-7486
CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
Affected products
The PostgreSQL Global Development Group · PostgreSQLWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://access.redhat.com/errata/RHSA-2017:1677https://access.redhat.com/errata/RHSA-2017:1678https://access.redhat.com/errata/RHSA-2017:1838https://access.redhat.com/errata/RHSA-2017:1983https://access.redhat.com/errata/RHSA-2017:2425https://security.gentoo.org/glsa/201710-06https://www.postgresql.org/about/news/1746/http://www.debian.org/security/2017/dsa-3851http://www.securityfocus.com/bid/98460http://www.securitytracker.com/id/1038476