CVE-2025-0218

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:pgadmin:pgagent:*:*:*:*:*:postgresql:*:*

History

11 Feb 2025, 21:11

Type	Values Removed	Values Added
CPE		cpe:2.3:a:pgadmin:pgagent::::::postgresql::*
Summary		(es) Cuando pgAgent ejecuta trabajos por lotes, se crea un script en un directorio temporal y luego se ejecuta. En versiones de pgAgent anteriores a la 4.2.3, se utiliza un generador de números aleatorios con una información insuficiente al generar el nombre del directorio, lo que genera la posibilidad de que un atacante local cree previamente el directorio y, de esta manera, impida que pgAgent ejecute trabajos, lo que interrumpiría las tareas programadas.
CWE		CWE-330
References	~~() https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c -~~	() https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c - Patch
First Time		Pgadmin pgagent Pgadmin

07 Jan 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-07 20:15

Updated : 2025-02-11 21:11

NVD link : CVE-2025-0218

Mitre link : CVE-2025-0218

CVE.ORG link : CVE-2025-0218

JSON object : View

Products Affected

pgadmin

pgagent

CWE

CWE-340

Generation of Predictable Numbers or Identifiers

CWE-330

Use of Insufficiently Random Values

{"id": "CVE-2025-0218", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2025-01-07T20:15:30.710", "references": [{"url": "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c", "tags": ["Patch"], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "description": [{"lang": "en", "value": "CWE-340"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-330"}]}], "descriptions": [{"lang": "en", "value": "When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks."}, {"lang": "es", "value": "Cuando pgAgent ejecuta trabajos por lotes, se crea un script en un directorio temporal y luego se ejecuta. En versiones de pgAgent anteriores a la 4.2.3, se utiliza un generador de n\u00fameros aleatorios con una informaci\u00f3n insuficiente al generar el nombre del directorio, lo que genera la posibilidad de que un atacante local cree previamente el directorio y, de esta manera, impida que pgAgent ejecute trabajos, lo que interrumpir\u00eda las tareas programadas."}], "lastModified": "2025-02-11T21:11:36.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pgadmin:pgagent:*:*:*:*:*:postgresql:*:*", "vulnerable": true, "matchCriteriaId": "CC0AB842-1447-46E4-8845-B222B09EF4A2", "versionEndExcluding": "4.2.3"}], "operator": "OR"}]}], "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}

5.5 /10