Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | postgresql92 | 2017-12-05 22:19 | ALAS-2017-931 |
Amazon Linux 1 | postgresql93 | 2017-12-05 22:19 | ALAS-2017-931 |
Amazon Linux 1 | postgresql94 | 2017-12-05 22:19 | ALAS-2017-931 |
Amazon Linux 1 | postgresql95 | 2017-12-05 22:18 | ALAS-2017-930 |
Amazon Linux 1 | postgresql96 | 2017-12-05 22:18 | ALAS-2017-930 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 6.5 | CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H |
NVD | CVSSv2 | 7.2 | AV:L/AC:L/Au:N/C:C/I:C/A:C |
NVD | CVSSv3 | 6.7 | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |