|
JVNDB-2023-000023
|
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
|
pg_ivm, provided by IVM Development Group, is a PostgreSQL extension module that provides incremental view maintenance (IVM) for materialized views. pg_ivm contains the multiple vulnerabilities listed below.
- Exposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2023-22847
An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may contain rows from tables protected by Row-Level Security that the owner of the IMMV is not permitted to read.
- Uncontrolled search path element (CWE-427) - CVE-2023-23554
When refreshing an IMMV, pg_ivm calls functions without schema-qualifying their names, so they are resolved through the search path. Under certain conditions, pg_ivm may be tricked into executing unexpected functions from other schemas with the IMMV owner's privileges.
IVM Development Group reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and IVM Development Group coordinated under the Information Security Early Warning Partnership.
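Two audit queries a database administrator can run to assess exposure to the issues above, added here as an example; they are not from the JVN page or the pg_ivm project. They assume pg_ivm is installed under the extension name `pg_ivm` and that it maintains each IMMV through trigger functions owned by that extension, attached to the base tables.

```sql
-- Added audit queries for this advisory (assumptions: extension name 'pg_ivm',
-- IMMVs maintained via trigger functions that belong to the extension).

-- 1. Is the installed pg_ivm older than the fixed release 1.5.1?
--    extversion is text, so compare as integer arrays rather than strings
--    ("1.5" sorts before "1.5.1" as an array, as it should).
SELECT e.extname,
       e.extversion      AS installed,
       a.default_version AS available,
       string_to_array(e.extversion, '.')::int[] < ARRAY[1, 5, 1]
                         AS needs_update
FROM pg_extension e
JOIN pg_available_extensions a ON a.name = e.extname
WHERE e.extname = 'pg_ivm';

-- 2. Which Row-Level-Security tables feed an IMMV (CVE-2023-22847 exposure)?
--    A base table feeds an IMMV when pg_ivm's own trigger functions are
--    attached to it; rows the view owner may not read can then surface in
--    the view. Membership in the extension is taken from pg_depend ('e').
SELECT n.nspname || '.' || c.relname AS rls_base_table,
       c.relforcerowsecurity         AS rls_forced_for_owner,
       array_agg(DISTINCT t.tgname)  AS pg_ivm_triggers
FROM pg_trigger t
JOIN pg_class     c ON c.oid = t.tgrelid
JOIN pg_namespace n ON n.oid = c.relnamespace
JOIN pg_proc      p ON p.oid = t.tgfoid
JOIN pg_depend    d ON d.classid    = 'pg_proc'::regclass
                   AND d.objid      = p.oid
                   AND d.refclassid = 'pg_extension'::regclass
                   AND d.deptype    = 'e'
JOIN pg_extension e ON e.oid = d.refobjid AND e.extname = 'pg_ivm'
WHERE c.relrowsecurity
GROUP BY 1, 2
ORDER BY 1;
```

Any table returned by the second query should be reviewed against the IMMV owner's intended access until the instance is on pg_ivm 1.5.1 or later.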
|
CVSS V3 Severity: Base Metrics 5.4 (Medium) [IPA Score]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
CVSS V2 Severity: Base Metrics 5.5 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: Single Instance
- Confidentiality Impact: Partial
- Integrity Impact: Partial
- Availability Impact: None
The CVSS base scores above are those assigned to CVE-2023-23554.
|
CVSS V3 Severity: Base Metrics 4.3 (Medium) [IPA Score]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
CVSS V2 Severity: Base Metrics 4.0 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: Single
- Confidentiality Impact: Partial
- Integrity Impact: None
- Availability Impact: None
The CVSS base scores above are those assigned to CVE-2023-22847.
|
|
IVM Development Group
- pg_ivm versions prior to 1.5.1
|
|
- Information in tables protected by Row-Level Security may be retrieved by a user who is not authorized to access it - CVE-2023-22847
- An unexpected function supplied by an attacker may be executed with the privileges of the materialized view owner - CVE-2023-23554
|
[Update the Software]
Update to the latest version according to the information provided by the developer.
The developer has released pg_ivm 1.5.1 that addresses the vulnerabilities.
|
IVM Development Group
|
- Information Exposure (CWE-200) [IPA Evaluation]
- No Mapping (CWE-Other) [IPA Evaluation]
|
- CVE-2023-22847
- CVE-2023-23554
|
- JVN: JVN#19872280
- National Vulnerability Database (NVD): CVE-2023-22847
- National Vulnerability Database (NVD): CVE-2023-23554
|
- [2023/03/06]
Web page was published
- [2024/06/10]
References: contents were added
|