{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0218", "assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "state": "PUBLISHED", "assignerShortName": "PostgreSQL", "dateReserved": "2025-01-04T02:53:10.494Z", "datePublished": "2025-01-07T19:18:02.865Z", "dateUpdated": "2025-01-08T17:56:00.784Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "shortName": "PostgreSQL", "dateUpdated": "2025-01-08T17:56:00.784Z"}, "title": "pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially allowing a denial of service", "descriptions": [{"lang": "en", "value": "When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks."}], "affected": [{"defaultStatus": "unaffected", "product": "pgAgent", "vendor": "n/a", "versions": [{"lessThan": "4.2.3", "status": "affected", "version": "4", "versionType": "rpm"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-340", "type": "CWE", "description": "Generation of Predictable Numbers or Identifiers"}]}], "references": [{"url": "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM"}}], "configurations": [{"lang": "en", "value": "attacker has permission to write to the system temporary directory"}], "workarounds": [{"lang": "en", "value": "None."}], "credits": [{"lang": "en", "value": "The pgAdmin project thanks Wolfgang Frisch from SUSE for reporting this problem."}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-07T20:58:35.591893Z", "id": "CVE-2025-0218", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-07T20:58:49.396Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0218", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-07T20:58:35.591893Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-07T20:58:44.409Z"}}], "cna": {"title": "pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially allowing a denial of service", "credits": [{"lang": "en", "value": "The pgAdmin project thanks Wolfgang Frisch from SUSE for reporting this problem."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "affected": [{"vendor": "n/a", "product": "pgAgent", "versions": [{"status": "affected", "version": "4", "lessThan": "4.2.3", "versionType": "rpm"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c"}], "workarounds": [{"lang": "en", "value": "None."}], "descriptions": [{"lang": "en", "value": "When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-340", "description": "Generation of Predictable Numbers or Identifiers"}]}], "configurations": [{"lang": "en", "value": "attacker has permission to write to the system temporary directory"}], "providerMetadata": {"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "shortName": "PostgreSQL", "dateUpdated": "2025-01-08T17:56:00.784Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0218", "state": "PUBLISHED", "dateUpdated": "2025-01-08T17:56:00.784Z", "dateReserved": "2025-01-04T02:53:10.494Z", "assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "datePublished": "2025-01-07T19:18:02.865Z", "assignerShortName": "PostgreSQL"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pgadmin:pgagent:*:*:*:*:*:postgresql:*:*", "matchCriteriaId": "CC0AB842-1447-46E4-8845-B222B09EF4A2", "versionEndExcluding": "4.2.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks."}, {"lang": "es", "value": "Cuando pgAgent ejecuta trabajos por lotes, se crea un script en un directorio temporal y luego se ejecuta. En versiones de pgAgent anteriores a la 4.2.3, se utiliza un generador de n\u00fameros aleatorios con una informaci\u00f3n insuficiente al generar el nombre del directorio, lo que genera la posibilidad de que un atacante local cree previamente el directorio y, de esta manera, impida que pgAgent ejecute trabajos, lo que interrumpir\u00eda las tareas programadas."}], "id": "CVE-2025-0218", "lastModified": "2025-02-11T21:11:36.480", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-01-07T20:15:30.710", "references": [{"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "tags": ["Patch"], "url": "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c"}], "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-340"}], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}