CVE-2015-3167 in PostgreSQLinfo

Summary

contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

04/10/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200

CVSS

5.6

EPSS

0.01812

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3167
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3167
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3167/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!