CVE-2024-4545 - EDB Postgres Advanced Server (EPAS) authenticated file read permissions bypass using edbldr

First Published: 2024/05/09

Last Updated: 2024/05/09

Summary

All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 and prior to 15.7.0 and from 16.0 and prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. This could allow low privilege users to read files to which they would not otherwise have access.

Vulnerability details

CVE-ID: CVE-2024-4545

CVSS Base Score: 7.7

CVSS Temporal Score: Undefined

CVSS Environmental Score: Undefined

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected products and versions

  • EnterpriseDB Postgres Advanced Server (EPAS)
    • All versions from 15.0 and prior to 15.7.0
    • All versions from 16.0 and prior to 16.3.0

Remediation

Impacted users must upgrade to a fixed version of EPAS. For questions about updating, users can contact their account representative or contact EDB.

ProductVRMFRemediation/First Fix
EPASAll versions from 15.0 and prior to 15.7.0Upgrade EPAS 15 to Minor release
EPASAll versions from 16.0 and prior to 16.7.0Upgrade EPAS 16 to Minor release
Warning

If impacted users are currently relying on non-superusers to run edbldr and read data from the server filesystem without any special permissions, the fixed versions of EPAS could break these workflows. It is recommended that users do one of the following:

  • Grant such users the pg_read_server_files role
  • Change the way data is being loaded into the database, such as loading files from standard input rather than specifying a pathname.

References

Acknowledgement

None

Change history

  • 9 May 2024: Original document published

Disclaimer

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document.


Could this page be better? Report a problem or suggest an addition!