Executive Summary

Informations
Name CVE-2023-41113 First vendor Publication 2023-12-12
Vendor Cve Last vendor Modification 2023-12-14

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Overall CVSS Score 4.3
Base Score 4.3 Environmental Score 4.3
impact SubScore 1.4 Temporal Score 4.3
Exploitabality Sub Score 2.8
 
Attack Vector Network Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact Low
Integrity Impact None Availability Impact None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It allows an authenticated user to to obtain information about whether certain files exist on disk, what errors if any occur when attempting to read them, and some limited information about their contents (regardless of permissions). This can occur when a superuser has configured one or more directories for filesystem access via CREATE DIRECTORY and adopted certain non-default settings for log_line_prefix and log_connections.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41113

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

Sources (Detail)

https://www.enterprisedb.com/docs/security/advisories/cve202341113/
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2024-02-09 13:36:03
  • Multiple Updates
2023-12-14 21:27:26
  • Multiple Updates
2023-12-13 02:37:05
  • Multiple Updates
2023-12-13 02:35:05
  • Multiple Updates
2023-12-12 17:27:24
  • Multiple Updates
2023-12-12 13:27:25
  • First insertion