GSD-2021-31671

Vulnerability from gsd - Updated: 2021-04-26 00:00
Details
pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected. pgsync drops connection parameters when syncing the schema with the `--schema-first` and `--schema-only` options. Some of these parameters may affect security. For instance, if `sslmode` is dropped, the connection may not use SSL. The first connection parameter is not affected. An example where `sslmode` is dropped (`connect_timeout` is not affected): ```yaml from: postgres://user:pass@host/dbname?connect_timeout=10&sslmode=require ``` This applies to both the `to` and `from` connections.
Aliases
Aliases
CVE-2021-31671
To clipboard 

{
  "GSD": {
    "alias": "CVE-2021-31671",
    "description": "pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used.",
    "id": "GSD-2021-31671"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "pgsync",
            "purl": "pkg:gem/pgsync"
          }
        }
      ],
      "aliases": [
        "CVE-2021-31671",
        "GHSA-72rj-36qc-47g7"
      ],
      "details": "pgsync drops connection parameters when syncing the schema with the\n--schema-first and --schema-only options. Some of these parameters may\naffect security. For instance, if sslmode is dropped, the connection\nmay not use SSL. The first connection parameter is not affected.\n\npgsync drops connection parameters when syncing the schema with the\n`--schema-first` and `--schema-only` options. Some of these parameters\nmay affect security. For instance, if `sslmode` is dropped, the\nconnection may not use SSL. The first connection parameter is not affected.\n\nAn example where `sslmode` is dropped (`connect_timeout` is not affected):\n\n```yaml\nfrom: postgres://user:pass@host/dbname?connect_timeout=10\u0026sslmode=require\n```\n\nThis applies to both the `to` and `from` connections.\n",
      "id": "GSD-2021-31671",
      "modified": "2021-04-26T00:00:00.000Z",
      "published": "2021-04-26T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://github.com/ankane/pgsync/issues/121"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 7.5,
          "type": "CVSS_V3"
        }
      ],
      "summary": "Connection security vulnerability with schema sync"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-31671",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/ankane/pgsync/issues/121",
            "refsource": "MISC",
            "url": "https://github.com/ankane/pgsync/issues/121"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2021-31671",
      "cvss_v3": 7.5,
      "date": "2021-04-26",
      "description": "pgsync drops connection parameters when syncing the schema with the\n--schema-first and --schema-only options. Some of these parameters may\naffect security. For instance, if sslmode is dropped, the connection\nmay not use SSL. The first connection parameter is not affected.\n\npgsync drops connection parameters when syncing the schema with the\n`--schema-first` and `--schema-only` options. Some of these parameters\nmay affect security. For instance, if `sslmode` is dropped, the\nconnection may not use SSL. The first connection parameter is not affected.\n\nAn example where `sslmode` is dropped (`connect_timeout` is not affected):\n\n```yaml\nfrom: postgres://user:pass@host/dbname?connect_timeout=10\u0026sslmode=require\n```\n\nThis applies to both the `to` and `from` connections.\n",
      "gem": "pgsync",
      "ghsa": "72rj-36qc-47g7",
      "patched_versions": [
        "\u003e= 0.6.7"
      ],
      "title": "Connection security vulnerability with schema sync",
      "url": "https://github.com/ankane/pgsync/issues/121"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c0.6.7",
          "affected_versions": "All versions before 0.6.7",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-319",
            "CWE-937"
          ],
          "date": "2021-05-04",
          "description": "pgsync Syncing the schema with the `--schema-first` and `--schema-only` options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used.",
          "fixed_versions": [
            "0.6.7"
          ],
          "identifier": "CVE-2021-31671",
          "identifiers": [
            "CVE-2021-31671"
          ],
          "not_impacted": "All versions starting from 0.6.7",
          "package_slug": "gem/pgsync",
          "pubdate": "2021-04-27",
          "solution": "Upgrade to version 0.6.7 or above.",
          "title": "Cleartext Transmission of Sensitive Information",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-31671",
            "https://github.com/ankane/pgsync/issues/121"
          ],
          "uuid": "4c216e51-0d2d-4dcc-b351-a4b4edec17e7"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pgsync_project:pgsync:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "0.6.7",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-31671"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-319"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ankane/pgsync/issues/121",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ankane/pgsync/issues/121"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-05-04T00:16Z",
      "publishedDate": "2021-04-27T03:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.