EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0.
Information
Published : 2023-04-23 20:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-31043
Mitre link : CVE-2023-31043
CVE.ORG link : CVE-2023-31043
Products Affected
enterprisedb
- postgres_advanced_server
CWE
CWE-312
Cleartext Storage of Sensitive Information