PostgreSQL Improper Certificate Validation Vulnerability - CVE-2021-43766 - Vulnerability Database

PostgreSQL Improper Certificate Validation Vulnerability - CVE-2021-43766

High

Reference: CVE-2021-43766

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-43766

Title: PostgreSQL Improper Certificate Validation Vulnerability

Overview:

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL.