CVE-2021-23222 - CVE | ByteOS Network

CVE Vulnerability Details :

CVE-2021-23222

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-02 Mar, 2022 | 00:00

Updated At-03 Aug, 2024 | 19:05

▼CVE Numbering Authority (CNA)

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

Affected Products

Vendor

Product

Versions

Affected

Affects v9.6 to v14

Problem Types

Type	CWE ID	Description
CWE	CWE-522	CWE-522 - Insufficiently Protected Credentials

References

Hyperlink	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2022675	N/A
https://www.postgresql.org/support/security/CVE-2021-23222/	N/A
https://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=d83cdfdca9d918bbbd6bb209139b94c954da7228	N/A
https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45	N/A
https://security.gentoo.org/glsa/202211-04	vendor-advisory

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2022675	x_transferred
https://www.postgresql.org/support/security/CVE-2021-23222/	x_transferred
https://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=d83cdfdca9d918bbbd6bb209139b94c954da7228	x_transferred
https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45	x_transferred
https://security.gentoo.org/glsa/202211-04	vendor-advisory x_transferred