Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2023-31043

Cleartext Storage of Sensitive Information

Published: Apr 23, 2023 | Modified: Feb 04, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-31043
CWEhttps://cwe.mitre.org/data/definitions/312.html

EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0.

Weakness

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Affected Software

Name Vendor Start Version End Version
Postgres_advanced_server Enterprisedb * 10.23.33 (excluding)
Postgres_advanced_server Enterprisedb 11.1.7 (including) 11.18.29 (excluding)
Postgres_advanced_server Enterprisedb 12.1.2 (including) 12.13.17 (excluding)
Postgres_advanced_server Enterprisedb 13.1.4 (including) 13.9.13 (excluding)
Postgres_advanced_server Enterprisedb 14.1.0 (including) 14.6.0 (excluding)

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use