Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-3167 - Vulnerability Database
PostgreSQL

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-3167

High
Reference: CVE-2015-3167
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-3167
Title: PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

contrib/pgcrypto in PostgreSQL before 9.0.20 9.1.x before 9.1.16 9.2.x before 9.2.11 9.3.x before 9.3.7 and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used which makes it easier for attackers to obtain the key via a brute force attack.