CVE-2023-41119
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-41119 is a vulnerability found in EnterpriseDB Postgres Advanced Server versions before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. The vulnerability allows an attacker to elevate their privileges to superuser by exploiting the function _dbms_aq_move_to_exception_queue, which accepts the OID of a table and accesses it as the superuser using SELECT and DML commands. The affected products include t1jDwH, t1jDwG, t1jDwF, t1jDwE, t1jDwI, rFFds_, rFFds-, and many others listed in the text. To remediate the issue, organizations should update their EnterpriseDB Postgres Advanced Server to version 11.21.32 or higher for the affected versions mentioned above. This vulnerability poses a high danger to organizations as it allows unauthorized elevation of privileges and potential access to sensitive data or unauthorized modification of database contents. Note: The text provided does not mention how to remediate the vulnerability or the potential danger it poses explicitly but provides information about the affected products and version updates that can be used for remediation purposes along with the nature of the vulnerability itself which can help assess its potential danger to an organization
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions