VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-nwfr-t7xn-zuae

Essentials
Severities (69)
References (61)
Severity details (52)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-nwfr-t7xn-zuae
Aliases	CVE-2023-5870
Summary	Role "pg_signal_backend" can signal certain superuser processesmore details
Status	Published
Exploitability	0.5
Weighted Severity	3.1
Risk	1.6
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-400

Uncontrolled Resource Consumption

System	Score	Found at
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7545
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7545
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7579
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7579
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7580
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7580
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7581
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7581
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7616
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7616
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7656
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7656
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7666
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7666
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7667
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7667
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7694
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7694
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7695
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7695
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7714
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7714
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7770
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7770
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7772
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7772
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7784
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7784
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7785
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7785
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7883
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7883
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7884
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7884
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2023:7885
ssvc	Track	https://access.redhat.com/errata/RHSA-2023:7885
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2024:0304
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0304
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2024:0332
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0332
cvssv3.1	2.2	https://access.redhat.com/errata/RHSA-2024:0337
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:0337
cvssv3	2.2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5870.json
cvssv3.1	2.2	https://access.redhat.com/security/cve/CVE-2023-5870
ssvc	Track	https://access.redhat.com/security/cve/CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
epss	0.00621	https://api.first.org/data/v1/epss?cve=CVE-2023-5870
cvssv3.1	2.2	https://bugzilla.redhat.com/show_bug.cgi?id=2247170
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=2247170
cvssv3.1	6.2	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	2.2	https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
ssvc	Track	https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
cvssv3	2.2	https://www.postgresql.org/support/security/CVE-2023-5870/
cvssv3.1	2.2	https://www.postgresql.org/support/security/CVE-2023-5870/
ssvc	Track	https://www.postgresql.org/support/security/CVE-2023-5870/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5870.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-5870
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
		https://www.postgresql.org/support/security/CVE-2023-5870/
1056283		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283
2247170		https://bugzilla.redhat.com/show_bug.cgi?id=2247170
cpe:/a:redhat:advanced_cluster_security:3.74::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3.74::el8
cpe:/a:redhat:advanced_cluster_security:4.1::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.1::el8
cpe:/a:redhat:advanced_cluster_security:4.2::el8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.2::el8
cpe:/a:redhat:enterprise_linux:8::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/a:redhat:enterprise_linux:9::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:enterprise_linux:9::crb		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
cpe:/a:redhat:rhel_aus:8.2::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
cpe:/a:redhat:rhel_aus:8.4::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
cpe:/a:redhat:rhel_e4s:8.2::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream
cpe:/a:redhat:rhel_e4s:8.4::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream
cpe:/a:redhat:rhel_eus:8.6::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
cpe:/a:redhat:rhel_eus:8.8::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
cpe:/a:redhat:rhel_eus:9.0::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream
cpe:/a:redhat:rhel_eus:9.0::crb		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
cpe:/a:redhat:rhel_eus:9.2::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
cpe:/a:redhat:rhel_eus:9.2::crb		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb
cpe:/a:redhat:rhel_software_collections:3		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3
cpe:/a:redhat:rhel_software_collections:3::el7		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3::el7
cpe:/a:redhat:rhel_tus:8.2::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream
cpe:/a:redhat:rhel_tus:8.4::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream
cpe:/o:redhat:enterprise_linux:6		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
CVE-2023-5870		https://access.redhat.com/security/cve/CVE-2023-5870
GLSA-202408-06		https://security.gentoo.org/glsa/202408-06
RHSA-2023:7545		https://access.redhat.com/errata/RHSA-2023:7545
RHSA-2023:7579		https://access.redhat.com/errata/RHSA-2023:7579
RHSA-2023:7580		https://access.redhat.com/errata/RHSA-2023:7580
RHSA-2023:7581		https://access.redhat.com/errata/RHSA-2023:7581
RHSA-2023:7616		https://access.redhat.com/errata/RHSA-2023:7616
RHSA-2023:7656		https://access.redhat.com/errata/RHSA-2023:7656
RHSA-2023:7666		https://access.redhat.com/errata/RHSA-2023:7666
RHSA-2023:7667		https://access.redhat.com/errata/RHSA-2023:7667
RHSA-2023:7694		https://access.redhat.com/errata/RHSA-2023:7694
RHSA-2023:7695		https://access.redhat.com/errata/RHSA-2023:7695
RHSA-2023:7714		https://access.redhat.com/errata/RHSA-2023:7714
RHSA-2023:7770		https://access.redhat.com/errata/RHSA-2023:7770
RHSA-2023:7772		https://access.redhat.com/errata/RHSA-2023:7772
RHSA-2023:7784		https://access.redhat.com/errata/RHSA-2023:7784
RHSA-2023:7785		https://access.redhat.com/errata/RHSA-2023:7785
RHSA-2023:7883		https://access.redhat.com/errata/RHSA-2023:7883
RHSA-2023:7884		https://access.redhat.com/errata/RHSA-2023:7884
RHSA-2023:7885		https://access.redhat.com/errata/RHSA-2023:7885
RHSA-2024:0304		https://access.redhat.com/errata/RHSA-2024:0304
RHSA-2024:0332		https://access.redhat.com/errata/RHSA-2024:0332
RHSA-2024:0337		https://access.redhat.com/errata/RHSA-2024:0337
USN-6538-1		https://usn.ubuntu.com/6538-1/
USN-6538-2		https://usn.ubuntu.com/6538-2/
USN-6570-1		https://usn.ubuntu.com/6570-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7545

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7545

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7579

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7579

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7580

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7580

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7581

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7581

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7616

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7616

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7656

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7656

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7666

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7666

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7667

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7667

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7694

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7694

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7695

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7695

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7714

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7714

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7770

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7770

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7772

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7772

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7784

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7784

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7785

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7785

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7883

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7883

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7884

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7884

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2023:7885

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2023:7885

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:0304

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2024:0304

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:0332

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2024:0332

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:0337

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/errata/RHSA-2024:0337

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5870.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/security/cve/CVE-2023-5870

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://access.redhat.com/security/cve/CVE-2023-5870

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://bugzilla.redhat.com/show_bug.cgi?id=2247170

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2247170

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L Found at https://www.postgresql.org/support/security/CVE-2023-5870/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/ Found at https://www.postgresql.org/support/security/CVE-2023-5870/

Exploit Prediction Scoring System (EPSS)

Percentile	0.7002
EPSS Score	0.00621
Published At	April 2, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:35:51.445780+00:00	PostgreSQL Importer	Import	https://www.postgresql.org/support/security/CVE-2023-5870	38.0.0