← back
CVE-2017-15097

CVE-2017-15097

CVSS 6.5 MEDIUMEPSS 0.5%CWE-59
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
27 Jul 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Affected products
Red Hat · postgresql init script

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2017:3402https://access.redhat.com/errata/RHSA-2017:3403https://access.redhat.com/errata/RHSA-2017:3404https://access.redhat.com/errata/RHSA-2017:3405https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15097http://www.securitytracker.com/id/1039983