CVE-2024-6238

CVSS v3.1

7.4

High

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 8.8 pgAdmin 4 (affected versions not specified)

Description The issue is related to errors in permission handling, which can allow an attacker to gain unauthorized access to the installation directory on certain platforms, such as Debian or RHEL 8. Exploitation of this issue may enable a remote attacker to execute arbitrary code.

Recommendations For pgAdmin versions prior to 8.8, update to a version that addresses the permission handling issue. For pgAdmin 4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276CWE-275

Related Identifiers

BDU:2024-04899

CVE-2024-6238

OPENSUSE-SU-2025:14983-1

Affected Products

Pgadmin

CVE-2024-6238

Weakness Enumeration

Related Identifiers

Affected Products

References · 12