CVE-2021-23222

Summary

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

Affected Software

VendorProductVersion RangeStatus
n/apostgresqlAffects v9.6 to v14affected

Weaknesses

  • CWE-522: CWE-522 - Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

References