{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-2454", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-02T06:26:08.641Z", "dateReserved": "2023-05-01T00:00:00", "datePublished": "2023-06-09T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-07-06T00:00:00"}, "descriptions": [{"lang": "en", "value": "schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code."}], "affected": [{"vendor": "n/a", "product": "postgresql", "versions": [{"version": "PostgreSQL 15.3, PostgreSQL 14.8, PostgreSQL 13.11, PostgreSQL 12.15, PostgreSQL 11.20", "status": "affected"}]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-2454"}, {"url": "https://www.postgresql.org/support/security/CVE-2023-2454/"}, {"url": "https://security.netapp.com/advisory/ntap-20230706-0006/"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-20", "cweId": "CWE-20"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:08.641Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-2454", "tags": ["x_transferred"]}, {"url": "https://www.postgresql.org/support/security/CVE-2023-2454/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230706-0006/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "895C54DB-6D0C-4C3C-82E8-32BDB03DD3F9", "versionEndExcluding": "11.20", "versionStartIncluding": "11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "57895EC0-9A98-4A80-AEDF-86E6423D9D45", "versionEndExcluding": "12.15", "versionStartIncluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EA25D57-813D-442D-81C3-82D393CAA41A", "versionEndExcluding": "13.11", "versionStartIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9171779-EAEA-4D8C-8E05-0B751B9139D1", "versionEndExcluding": "14.8", "versionStartIncluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC91659E-2AE2-486C-8CD3-F41CD189FD6F", "versionEndExcluding": "15.3", "versionStartIncluding": "15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code."}], "id": "CVE-2023-2454", "lastModified": "2023-07-06T19:15:10.143", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-09T19:15:09.253", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-2454"}, {"source": "secalert@redhat.com", "url": "https://security.netapp.com/advisory/ntap-20230706-0006/"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://www.postgresql.org/support/security/CVE-2023-2454/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:4527", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "postgresql:13-8080020230613131941.63b34585", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-08-08T00:00:00Z"}, {"advisory": "RHSA-2023:4535", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "postgresql:12-8080020230717103820.63b34585", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-08-08T00:00:00Z"}, {"advisory": "RHSA-2023:4539", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "postgresql:10-8080020230720123941.63b34585", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-08-08T00:00:00Z"}, {"advisory": "RHSA-2023:5269", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "postgresql:15-8080020230803085541.63b34585", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:7667", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "postgresql:12-8020020231128165246.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7667", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "postgresql:12-8020020231128165246.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7667", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "postgresql:12-8020020231128165246.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7694", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "postgresql:12-8040020231127153301.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:7695", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "postgresql:13-8040020231127154806.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:7694", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "postgresql:12-8040020231127153301.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:7695", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "postgresql:13-8040020231127154806.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:7694", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "postgresql:12-8040020231127153301.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:7695", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "postgresql:13-8040020231127154806.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-12-07T00:00:00Z"}, {"advisory": "RHSA-2023:7580", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "postgresql:13-8060020231114115246.ad008a3a", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-11-29T00:00:00Z"}, {"advisory": "RHSA-2023:7666", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "postgresql:12-8060020231128165328.ad008a3a", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:3714", "cpe": "cpe:/a:redhat:enterprise_linux:9", "impact": "moderate", "package": "postgresql-0:13.11-1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-06-21T00:00:00Z"}, {"advisory": "RHSA-2023:4327", "cpe": "cpe:/a:redhat:enterprise_linux:9", "impact": "moderate", "package": "postgresql:15-9020020230619032405.rhel9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-07-31T00:00:00Z"}, {"advisory": "RHSA-2023:7545", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "postgresql-0:13.13-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-11-28T00:00:00Z"}, {"advisory": "RHSA-2023:4313", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "impact": "moderate", "package": "rh-postgresql12-postgresql-0:12.15-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2023-07-27T00:00:00Z"}, {"advisory": "RHSA-2023:7772", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "impact": "moderate", "package": "rh-postgresql13-postgresql-0:13.13-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2023-12-13T00:00:00Z"}], "bugzilla": {"description": "postgresql: schema_element defeats protective search_path changes", "id": "2207568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207568"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.2", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-20", "details": ["schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.", "A flaw was found in PostgreSQL. Certain database calls could permit an attacker with elevated database-level privileges to execute arbitrary code."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2023-2454", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:cryostat:2", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Cryostat 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "acm-multicluster-globalhub-agent-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "acm-multicluster-globalhub-manager-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "acm-multicluster-globalhub-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "acm-multicluster-globalhub-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:3", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat build of Apache Camel for Spring Boot"}, {"cpe": "cpe:/a:redhat:service_registry:2", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat build of Apicurio Registry"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:quarkus:2", "fix_state": "Not affected", "package_name": "org.postgresql/postgresql", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "postgresql", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "postgresql", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Integration Change Data Capture"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss A-MQ 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "jboss-on", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Not affected", "package_name": "openshift3/postgresql-apb", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Not affected", "package_name": "postgresql-apb-role", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-baremetal-installer-rhel7", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-installer", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-installer-artifacts", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "fix_state": "Not affected", "package_name": "devspaces/pluginregistry-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "fix_state": "Not affected", "package_name": "devspaces/server-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "postgresql-evr", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "rh-postgresql12-postgresql-evr", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "satellite:el8/postgresql-evr", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "postgresql", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2023-05-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-2454\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-2454\nhttps://www.postgresql.org/about/news/postgresql-153-148-1311-1215-and-1120-released-2637/\nhttps://www.postgresql.org/support/security/CVE-2023-2454/"], "statement": "The severity for Red Hat Enterprise Linux and Red Hat Software Collections has been set to Moderate because the vulnerability requires an attacker to have database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. As it requires a HIGH privileged user, it reduces the impact of this vulnerability.\nRed Hat OpenShift Dev Spaces is not affected by this issue as PostgreSQL was decommissioned on the latest Red Hat OpenShift Dev Spaces 3.6 release, as described in: https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.6/html/release_notes_and_known_issues/removed-functionalities#removed-functionality-crw-4105\nRed Hat Satellite does not include the affected PostgreSQL, however, the component is shipped with Red Hat Enterprise Linux and consumed by Satellite. Red Hat Satellite users are advised to check the impact of Red Hat Enterprise Linux since any necessary fixes will also be distributed through it.", "threat_severity": "Important", "upstream_fix": "PostgreSQL 15.3, PostgreSQL 14.8, PostgreSQL 13.11, PostgreSQL 12.15, PostgreSQL 11.20"}