CVE-2017-15097
MEDIUMRed Hat Enterprise Linux - Privilege Escalation via PostgreSQL Initialization Scripts
Title source: llmDescription
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
References (6)
Core 6
Core References
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:3402
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:3403
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:3405
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15097
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1039983
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:3404
Scores
CVSS v3
6.5
EPSS
0.0054
EPSS Percentile
41.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-59
Status
published
Products (6)
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_server_aus
7.4
redhat/enterprise_linux_server_eus
7.4
redhat/enterprise_linux_server_eus
7.5
redhat/enterprise_linux_workstation
7.0
Published
Jul 27, 2018
Tracked Since
Feb 18, 2026