Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2024-49042: Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability

How could an attacker exploit this vulnerability?

An attacker with the administrator role of “azure_pg_admin” in the target environment could exploit this vulnerability to gain the same privileges as a SuperUser by sending a specially crafted request to an Azure Database for PostgreSQL Flexible Server with specific non-default functionality enabled.

Microsoft Security Response Center
#sql#vulnerability#postgres#Azure Database for PostgreSQL#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-49042: Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability