Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
The Multi Factor Authentication bypass vulnerability in pgAdmin 4
Vulnerability Description
pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password may authenticate to the application and perform sensitive actions within the application, such as managing files and executing SQL queries, regardless of the account’s MFA enrollment status.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
pgAdmin 安全漏洞
Vulnerability Description
pgAdmin是一个用于开源数据库 PostgreSQL 的开源管理和开发平台。 pgAdmin 8.5及之前版本存在安全漏洞,该漏洞源于允许知道合法帐户用户名和密码的攻击者对应用程序进行身份验证并在应用程序内执行敏感操作,例如管理文件和执行 SQL 查询。
CVSS Information
N/A
Vulnerability Type
N/A