PT-2022-1602 · Pgjdbc+5 · Pgjdbc+6

Avecramer · Published 2022-02-02 · Updated 2025-03-18 · CVE-2022-21724

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: pgjdbc (the PostgreSQL JDBC driver), releases before 42.2.25 and the 42.3.x releases before 42.3.2. The fix shipped in 42.2.25 and 42.3.2.
Description: A security issue was found in pgjdbc, the JDBC driver for PostgreSQL databases. The driver instantiates plugin objects from class names supplied through the connection properties authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory and sslpasswordcallback. It does not check that the named class implements the expected interface before instantiating it, so any class reachable from the application's classpath can be loaded and constructed, and whatever that class's static initializer and constructor do runs with the privileges of the application. The issue is exploitable whenever an attacker controls the JDBC URL or the connection properties passed to the driver.
Recommendations: Upgrade pgjdbc to 42.2.25, 42.3.2 or a later release. Where an upgrade is not immediately possible, do not accept JDBC URLs or connection properties from untrusted sources, and reject or strip the properties authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory and sslpasswordcallback from any URL or property set that is not fully under your control. Note that the attacker does not need to supply a class of their own: any class already on the classpath whose constructor or static initializer has a useful side effect can be named, so the workaround must prevent the attacker from naming a class at all rather than merely filtering "plugins".
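The following is an added illustration, not pgjdbc's own source: a minimal reflective plugin loader in the shape the description above implies, first in the vulnerable form (instantiate whatever class name arrives) and then in a hardened form (load the class without initializing it, check assignability to the expected interface, and only then construct). The interface name HostnameVerifierPlugin and the side-effect class NotAPlugin are hypothetical stand-ins chosen for this example.

```java
import java.util.concurrent.atomic.AtomicBoolean;

// Hypothetical stand-in for a plugin interface the driver expects
// (in pgjdbc this would be e.g. javax.net.ssl.HostnameVerifier).
interface HostnameVerifierPlugin {
    boolean verify(String hostname);
}

// Hypothetical stand-in for "any class on the classpath": it does NOT implement
// the plugin interface, and its constructor has an observable side effect. In a
// real attack this would be whatever constructor/static-initializer the attacker
// finds useful among the classes already present.
final class NotAPlugin {
    static final AtomicBoolean CONSTRUCTED = new AtomicBoolean(false);

    public NotAPlugin() {
        CONSTRUCTED.set(true); // stands in for an attacker-desired side effect
    }
}

public class PluginLoading {

    // Vulnerable pattern: the class name from a connection property is
    // instantiated as-is. Any cast to the plugin type happens afterwards
    // (or never), by which time the constructor has already run.
    static Object instantiateUnchecked(String className) throws ReflectiveOperationException {
        Class<?> cls = Class.forName(className);          // also runs static initializers
        return cls.getDeclaredConstructor().newInstance(); // runs the constructor
    }

    // Hardened pattern: resolve the class WITHOUT initializing it, verify it is a
    // subtype of the expected interface, and only then construct it. Passing
    // initialize=false matters: with Class.forName(name) alone, a static
    // initializer would run before the type check is reached.
    static <T> T instantiateChecked(String className, Class<T> expected)
            throws ReflectiveOperationException {
        Class<?> cls = Class.forName(className, false, PluginLoading.class.getClassLoader());
        if (!expected.isAssignableFrom(cls)) {
            throw new IllegalArgumentException(
                className + " does not implement " + expected.getName());
        }
        return expected.cast(cls.getDeclaredConstructor().newInstance());
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: what an attacker would place in sslhostnameverifier=...
        String attackerChoice = NotAPlugin.class.getName();

        instantiateUnchecked(attackerChoice);
        System.out.println("unchecked: constructor ran = " + NotAPlugin.CONSTRUCTED.get());

        NotAPlugin.CONSTRUCTED.set(false);
        try {
            instantiateChecked(attackerChoice, HostnameVerifierPlugin.class);
        } catch (IllegalArgumentException e) {
            System.out.println("checked: rejected (" + e.getMessage() + "), constructor ran = "
                + NotAPlugin.CONSTRUCTED.get());
        }
    }
}
```

Run with `javac PluginLoading.java && java PluginLoading`: the unchecked path reports that the constructor ran, the checked path reports the rejection with the constructor never reached. The assignability check is the substance of the fix; the `initialize=false` argument is the extra caveat a reviewer should insist on, because a class's static initializer is attacker-reachable code just as its constructor is.

As a second added example for the workaround in the recommendations, also not part of the advisory or of pgjdbc: an application-side guard that refuses a JDBC URL or Properties object naming any of the five class-loading properties. It is deliberately case-insensitive and percent-decodes query keys, which is stricter than necessary but errs on the side of rejection. The class name JdbcUrlGuard is an assumption of this example.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.Locale;
import java.util.Properties;
import java.util.Set;

public final class JdbcUrlGuard {

    // The connection properties named in the advisory: each selects a class to instantiate.
    static final Set<String> CLASS_LOADING_PROPERTIES = Set.of(
        "authenticationpluginclassname",
        "sslhostnameverifier",
        "socketfactory",
        "sslfactory",
        "sslpasswordcallback");

    private static boolean isClassLoadingProperty(String key) {
        return CLASS_LOADING_PROPERTIES.contains(key.toLowerCase(Locale.ROOT));
    }

    // Returns the first offending property name found in the URL query string or
    // in the Properties object, or null if neither names a class-loading property.
    static String findClassLoadingProperty(String jdbcUrl, Properties props) {
        for (String key : props.stringPropertyNames()) {
            if (isClassLoadingProperty(key)) {
                return key;
            }
        }
        int q = jdbcUrl.indexOf('?');
        if (q < 0) {
            return null;
        }
        for (String pair : jdbcUrl.substring(q + 1).split("&")) {
            int eq = pair.indexOf('=');
            String rawKey = eq < 0 ? pair : pair.substring(0, eq);
            // pgjdbc URL-decodes query parameters, so decode before comparing.
            String key = URLDecoder.decode(rawKey, StandardCharsets.UTF_8);
            if (isClassLoadingProperty(key)) {
                return key;
            }
        }
        return null;
    }

    // Call this before DriverManager.getConnection(url, props) on any URL or
    // property set that does not come entirely from trusted configuration.
    static void requireSafe(String jdbcUrl, Properties props) {
        String bad = findClassLoadingProperty(jdbcUrl, props);
        if (bad != null) {
            throw new IllegalArgumentException(
                "refusing JDBC connection: class-loading property '" + bad + "' not allowed");
        }
    }

    public static void main(String[] args) {
        Properties empty = new Properties();

        // Constructed inputs for the demonstration.
        String clean = "jdbc:postgresql://db.example.internal:5432/app?ssl=true&sslmode=verify-full";
        String viaUrl = "jdbc:postgresql://db.example.internal:5432/app?socketFactory=com.example.Anything";
        String encoded = "jdbc:postgresql://db.example.internal:5432/app?ssl%46actory=com.example.Anything";
        Properties viaProps = new Properties();
        viaProps.setProperty("sslhostnameverifier", "com.example.Anything");

        System.out.println("clean   -> " + findClassLoadingProperty(clean, empty));    // null
        System.out.println("url     -> " + findClassLoadingProperty(viaUrl, empty));   // socketFactory
        System.out.println("encoded -> " + findClassLoadingProperty(encoded, empty));  // sslFactory
        System.out.println("props   -> " + findClassLoadingProperty(clean, viaProps)); // sslhostnameverifier
    }
}
```

This is a stop-gap for the window before the upgrade is rolled out: it keeps an attacker from naming a class, which is the precondition for the issue, but it does nothing about the driver's missing type check, so it does not replace moving to 42.2.25 or 42.3.2.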

Weakness Enumeration

Special Elements Injection
Improper Initialization
Exposure of Resource to Wrong Sphere

Related Identifiers

ALT-PU-2023-8458
ALT-PU-2023-8462
ALT-PU-2023-8463
ALT-PU-2024-16562
BDU:2022-00821
BIT-POSTGRESQL-JDBC-DRIVER-2022-21724
CVE-2022-21724
DLA-3018-1
DSA-5196-1
GHSA-V7WG-CPWC-24M4
OESA-2022-1535
SUSE-SU-2022:2143-1
SUSE-SU-2022:2145-1

Affected Products

ALT Linux
Astra Linux
Bitbucket
Jira
RED OS
SUSE
pgjdbc