virus logo FortiClient Vulnerability

PostgreSQL CVE-2014-0060 Weak Authentication Vulnerability

description-logoDescription

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.

affected-products-logoAffected Applications

PostgreSQL

CVE References

CVE-2014-0060

Other References

https://www.postgresql.org/support/security/
ID 31627
Created Jul 11, 2018
Description
Updated		 Mar 01, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor PostgreSQL
Patch manual
Application PostgreSQL