PostgreSQL is more than just a name for those who deal with databases daily. With a remarkable history spanning over 30 years, it stands as a powerful open-source object-relational database system. Its potential to store and scale the most intricate data workloads has made it the primary database choice for an array of applications, from websites to mobile and analytics platforms.
A critical security vulnerability has been found in PostgreSQL, a popular open-source object-relational database system. The vulnerability, CVE-2023-39417, carries a significant CVSS score of 7.5 and allows an attacker with database-level CREATE privilege to execute arbitrary code as the bootstrap superuser.
The vulnerability exists in the PostgreSQL extension script, and it can be exploited if an administrator has installed files of a vulnerable, trusted, non-bundled extension. The vulnerability is caused by a failure to properly sanitize user input when using the @extowner@, @extschema@, or @extschema:…@ functions.
An attacker can exploit this vulnerability by submitting malicious input to a PostgreSQL database that is running a vulnerable version of the software. The malicious input could be in the form of a SQL query or a parameter to a function. Once the malicious input is submitted, the attacker can execute arbitrary code as the bootstrap superuser.
The bootstrap superuser is a special user account that has complete control over the PostgreSQL database. This means that an attacker who can execute arbitrary code as the bootstrap superuser can do anything they want to the database, including stealing data, deleting data, or modifying data.
The CVE-2023-39417 vulnerability affects PostgreSQL versions 11, 12, 13, 14, and 15. The fixed versions are 11.21, 12.16, 13.12, 14.9, and 15.4. PostgreSQL has provided a fix that blocks this attack at the core server level. There’s no need for users to modify individual extensions, simplifying the remediation process. Don’t delay this crucial update; your data’s security depends on it.
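As an added defender-side check (example code, not from the original article or the PostgreSQL project), the script below parses a server's reported version and compares it against the fixed releases listed above. It assumes you obtain the version from `SHOW server_version_num` or `SELECT version()` on the server you are auditing; the fixed-version table is taken from this article.

```python
import re
from typing import Optional

# Fixed minor release per affected major, as listed in the advisory text above
# (11.21, 12.16, 13.12, 14.9, 15.4).
FIXED_MINOR = {11: 21, 12: 16, 13: 12, 14: 9, 15: 4}


def parse_version_num(server_version_num: int) -> tuple[int, int]:
    """Split PostgreSQL's integer form (SHOW server_version_num): 150003 -> (15, 3).
    Pre-10 releases use a different encoding (e.g. 90624) and fall outside this table."""
    return divmod(server_version_num, 10000)


def parse_version_string(version_text: str) -> tuple[int, int]:
    """Extract (major, minor) from SELECT version() output, e.g.
    'PostgreSQL 14.8 on x86_64-pc-linux-gnu, ...' -> (14, 8)."""
    m = re.search(r"PostgreSQL (\d+)\.(\d+)", version_text)
    if not m:
        raise ValueError(f"unrecognised version string: {version_text!r}")
    return int(m.group(1)), int(m.group(2))


def is_fixed(major: int, minor: int) -> Optional[bool]:
    """True if the release contains the fix, False if it is affected and unpatched,
    None if the major is not in the advisory's affected list (no claim made)."""
    fixed_minor = FIXED_MINOR.get(major)
    if fixed_minor is None:
        return None
    return minor >= fixed_minor


def assess(server_version_num: int) -> str:
    """Human-readable verdict for one server, keyed on server_version_num."""
    major, minor = parse_version_num(server_version_num)
    verdict = is_fixed(major, minor)
    if verdict is None:
        return f"{major}.{minor}: not in the advisory's affected-version list"
    if verdict:
        return f"{major}.{minor}: contains the CVE-2023-39417 fix"
    return f"{major}.{minor}: affected and unpatched, upgrade to {major}.{FIXED_MINOR[major]}"


if __name__ == "__main__":
    # Constructed sample value standing in for a real SHOW server_version_num result.
    print(assess(130011))
```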