virus logo FortiClient Vulnerability

PostgreSQL CVE-2021-32028 Information Disclosure Vulnerability

description-logoDescription

Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can create prerequisite objects and complete this attack at will. A user lacking the CREATE and TEMPORARY privileges on all databases and the CREATE privilege on all schemas cannot use this attack at will.

affected-products-logoAffected Applications

PostgreSQL

CVE References

CVE-2021-32028

Other References

https://www.postgresql.org/support/security/
ID 68987
Created Sep 05, 2021
Description
Updated		 Jan 16, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS MacOS
Vendor PostgreSQL
Patch manual
Application PostgreSQL