← Back to CVEs

CVE-2022-26520

CRITICAL

9.8

Description

In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties

CVE Details

CVSS v3.1 Score9.8

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published3/10/2022

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

debian:debian_linuxpostgresql:postgresql_jdbc_driver

References

https://github.com/pgjdbc/pgjdbc/pull/2454/commits/017b929977b4f85795f9ad2fa5de6e80978b8ccc(cve@mitre.org)

https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8(cve@mitre.org)

https://jdbc.postgresql.org/documentation/changelog.html#version_42.3.3(cve@mitre.org)

https://jdbc.postgresql.org/documentation/head/tomcat.html(cve@mitre.org)

https://www.debian.org/security/2022/dsa-5196(cve@mitre.org)

https://github.com/pgjdbc/pgjdbc/pull/2454/commits/017b929977b4f85795f9ad2fa5de6e80978b8ccc(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8(af854a3a-2127-422b-91ae-364da2661108)

https://jdbc.postgresql.org/documentation/changelog.html#version_42.3.3(af854a3a-2127-422b-91ae-364da2661108)

https://jdbc.postgresql.org/documentation/head/tomcat.html(af854a3a-2127-422b-91ae-364da2661108)

https://www.debian.org/security/2022/dsa-5196(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.