CVE-2023-1907
Publication date 9 January 2025
Last updated 30 May 2025
Ubuntu priority
Cvss 3 Severity Score
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user’s session if multiple connection attempts occur simultaneously.
Status
Package | Ubuntu Release | Status |
---|---|---|
pgadmin3 | 25.04 plucky | Not in release |
24.10 oracular | Not in release | |
24.04 LTS noble | Not in release | |
22.04 LTS jammy | Not in release | |
20.04 LTS focal |
Needs evaluation
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|
Severity score breakdown
Parameter | Value |
---|---|
Base score |
|
Attack vector | Network |
Attack complexity | High |
Privileges required | Low |
User interaction | Required |
Scope | Changed |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H |