CVE-2023-41115

CVSS 6.5 MEDIUMEPSS 0.6%

An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. When using UTL_ENCODE, an authenticated user can read any large object, regardless of that user's permissions.

CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:U/UI:N

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.enterprisedb.com/docs/security/advisories/cve202341115/