CVE-2023-1907

Name of the Vulnerable Software and Affected Versions pgadmin (affected versions not specified)

Description A vulnerability was found in pgadmin, where users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously. This issue is related to incorrect session fixation due to improper access separation in the LDAP authentication configuration. Exploitation of this vulnerability may allow a remote attacker to bypass security restrictions and gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.