CVE-2018-10936 : A weakness was found in postgresql-jdbc before version 42.2.5. It was possible t

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA.

Published 2018-08-30 13:29:00

Updated 2020-10-15 13:28:10

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2018-10936

Redhat » Enterprise Linux » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql Jdbc Driver
Versions before (<) 42.2.5
cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2018-10936

EPSS FAQ

0.65%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 70 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-10936

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.1	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.1	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	Red Hat, Inc.
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-10936

CWE-297 Improper Validation of Certificate with Host Mismatch

The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.
Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)

References for CVE-2018-10936

https://www.postgresql.org/about/news/1883/

PostgreSQL: PostgreSQL JDBC 42.2.5 Released (Security Fix CVE-2018-10936)
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10936

1622225 – (CVE-2018-10936) CVE-2018-10936 PostgreSQL: Postgres JDBC driver does not perform host name validation by default
Mitigation;Issue Tracking;Third Party Advisory
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E

[GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities - Pony Mail

CVEs referencing this url
http://www.securityfocus.com/bid/105220

PostgreSQL JDBC CVE-2018-10936 Man in the Middle Security Bypass Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2018-10936

Products affected by CVE-2018-10936

Exploit prediction scoring system (EPSS) score for CVE-2018-10936

CVSS scores for CVE-2018-10936

CWE ids for CVE-2018-10936

References for CVE-2018-10936