PT-2021-4808 · Postgresql+10 · Postgresql Libpq+11

Jacob Champion

·

Published

2021-11-10

·

Updated

2026-04-03

·

CVE-2021-23222

CVSS v3.1

5.9

Medium

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions PostgreSQL libpq (affected versions not specified)
Description A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. The vulnerability in the libpq library of the PostgreSQL database management system is related to insufficient protection of registration data, which can allow a remote attacker to implement a man-in-the-middle attack.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

ALSA-2022:1891
ALT-PU-2021-3250
ALT-PU-2021-3251
ALT-PU-2021-3252
ALT-PU-2021-3253
ALT-PU-2021-3254
ALT-PU-2021-3255
ALT-PU-2021-3345
ALT-PU-2021-3346
ALT-PU-2021-3347
ALT-PU-2021-3348
ALT-PU-2021-3349
ALT-PU-2021-3350
ALT-PU-2021-3459
ALT-PU-2021-3460
ALT-PU-2021-3461
ALT-PU-2021-3462
ALT-PU-2021-3463
ALT-PU-2021-3564
ALT-PU-2021-3565
ALT-PU-2021-3566
ALT-PU-2021-3567
ALT-PU-2021-3600
ALT-PU-2022-1109
AZL-8901
BDU:2021-05535
BIT-POSTGRESQL-2021-23222
BIT-POSTGRESQL-2021-43767
CESA-2022_1891
CVE-2021-23222
DLA-2817-1
DSA-5006-1
DSA-5007-1
ECHO-206B-79FE-1549
GHSA-9CFH-VX93-84VV
JLSEC-2026-30
JLSEC-2026-36
MGASA-2021-0523
OESA-2022-1575
OESA-2022-1598
OESA-2022-1706
OESA-2022-2061
OPENSUSE-SU-2021:1584-1
OPENSUSE-SU-2021:3758-1
OPENSUSE-SU-2021:3759-1
OPENSUSE-SU-2021:3762-1
OPENSUSE-SU-2021:4058-1
OPENSUSE-SU-2021_1584-1
OPENSUSE-SU-2021_3758-1
OPENSUSE-SU-2021_3759-1
OPENSUSE-SU-2021_3762-1
OPENSUSE-SU-2021_4058-1
OPENSUSE-SU-2024:11625-1
OPENSUSE-SU-2024:11626-1
OPENSUSE-SU-2024:11627-1
OPENSUSE-SU-2024:11628-1
OPENSUSE-SU-2024:11629-1
OPENSUSE-SU-2024:13243-1
OPENSUSE-SU-2024:14360-1
OPENSUSE-SU-2025:15580-1
RHSA-2021:5179
RHSA-2021:5197
RHSA-2022:1891
RHSA-2022_1891
RLSA-2022:1891
SUSE-SU-2021:3755-1
SUSE-SU-2021:3757-1
SUSE-SU-2021:3758-1
SUSE-SU-2021:3759-1
SUSE-SU-2021:3760-1
SUSE-SU-2021:3761-1
SUSE-SU-2021:3762-1
SUSE-SU-2021:4058-1
SUSE-SU-2022:2893-1
SUSE-SU-2022:2958-1
USN-5145-1
USN-5765-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Postgresql Libpq
Postgresql
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu