CVE-2023-1907

8.0 HIGH

📋 TL;DR

This vulnerability in pgAdmin's LDAP authentication allows session confusion when multiple users attempt to log in simultaneously. Attackers could potentially access another user's session and their database privileges. Only pgAdmin installations running in server mode with LDAP authentication enabled are affected.

💻 Affected Systems

Products:
  • pgAdmin
Versions: pgAdmin 4 versions before 7.6
Operating Systems: All platforms running pgAdmin
Default Config Vulnerable: ✅ No
Notes: Only affects pgAdmin running in server mode with LDAP authentication enabled. Desktop mode and other authentication methods are not vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker gains unauthorized access to a privileged user's session, potentially accessing sensitive databases, executing arbitrary SQL commands, or exfiltrating data.

🟠 Likely Case

Session confusion leads to users accessing incorrect sessions with limited privileges, causing data integrity issues or unauthorized access to non-sensitive data.

🟢 If Mitigated

With proper network segmentation and authentication controls, impact is limited to session confusion within the pgAdmin interface only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires LDAP authentication to be enabled and near-simultaneous login attempts. The attack is timing-based and exploits a race condition in session handling.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: pgAdmin 4 version 7.6 and later

Vendor Advisory: https://www.pgadmin.org/security/

Restart Required: Yes

Instructions:

1. Back up the pgAdmin configuration and data.
2. Stop the pgAdmin service.
3. Upgrade to pgAdmin 4 version 7.6 or later.
4. Restart the pgAdmin service.
5. Verify that authentication works correctly.

🔧 Temporary Workarounds

Disable LDAP Authentication (Platforms: all)

Temporarily switch to an alternative authentication method until patching is complete.

Modify pgAdmin config.py: AUTHENTICATION_SOURCES = ['internal']

Implement Rate Limiting (Platforms: all)

Add rate limiting to login endpoints to reduce simultaneous login attempts.

Configure web server (nginx/apache) rate limiting for the /login endpoint.

🧯 If You Can't Patch

  • Implement network segmentation to isolate pgAdmin from untrusted networks
  • Enable detailed session logging and monitor for unusual authentication patterns

🔍 How to Verify

Check if Vulnerable:

Check the pgAdmin version and authentication configuration. If the version is earlier than 7.6 and LDAP authentication is enabled in server mode, the system is vulnerable.

Check Version:

Run pgadmin4 --version, or check the About page in the web interface.

Verify Fix Applied:

Verify that the pgAdmin version is 7.6 or later, and test LDAP authentication with multiple simultaneous login attempts.

📡 Detection & Monitoring

Log Indicators:

  • Multiple simultaneous login attempts from different IPs
  • Session ID mismatches in authentication logs
  • Users reporting incorrect session access

Network Indicators:

  • Unusual authentication request patterns
  • Multiple LDAP bind requests in short timeframes

SIEM Query:

source="pgadmin" AND ("login" OR "authenticate") | bin _time span=1s | stats count by _time, src_ip, user | where count > 1

(Splunk SPL. The one-second window comes from bin, since "within 1s" is not a valid stats clause; adjust the source and field names to match your log forwarder.)
