Return
-
Title
Is Foglight affected by Postgres vulnerabilty CVE-2017-7546? -
Description
Is Foglight affected by Postgres vulnerabilty CVE-2017-7546?It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty password. A remote attacker could potentially use this flaw to gain access to database accounts with empty passwords. More details are here. -
Resolution
WORKAROUND:
None.STATUS:A change request has been created. CR number: FGL-19591 and has been fixed in the 5.9.2 and higher releases of the FMS. -
Defect ID
FGL-19591