CVE-2023-41117

8.8 HIGH

📋 TL;DR

This vulnerability in EnterpriseDB Postgres Advanced Server (EPAS) allows an attacker to execute arbitrary code through search_path attacks against SECURITY DEFINER functions. It affects every EPAS release before the patched versions listed below. An attacker who already holds database access can escalate privileges and run code as the database owner.

💻 Affected Systems

Products:
  • EnterpriseDB Postgres Advanced Server (EPAS)
Versions: Before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, 15.x before 15.4.0
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations with vulnerable versions, regardless of configuration. Requires database user access to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full database compromise leading to data theft, data manipulation, and potential lateral movement to the underlying operating system.

🟠 Likely Case

Privilege escalation allowing attackers to execute arbitrary SQL commands as the database owner, potentially accessing sensitive data or modifying database structures.

🟢 If Mitigated

Limited impact if proper access controls and network segmentation are in place, restricting database access to authorized users only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated database access. Exploitation involves manipulating search_path to execute malicious code through SECURITY DEFINER functions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 11.21.32, 12.16.20, 13.12.16, 14.9.0, 15.4.0

Vendor Advisory: https://www.enterprisedb.com/docs/security/advisories/cve202341117/

Restart Required: Yes

Instructions:

1. Download the appropriate patched version from EnterpriseDB.
2. Back up the database.
3. Stop the EPAS service.
4. Apply the patch/upgrade.
5. Restart the EPAS service.
6. Verify the version.

🔧 Temporary Workarounds

Restrict Database Access (applies to: all)

Limit database connections to trusted users and applications only:

  • Configure pg_hba.conf to restrict connections
  • Use firewall rules to limit database port access

Review SECURITY DEFINER Functions (applies to: all)

Audit SECURITY DEFINER functions and withdraw execute rights from any that callers do not need:

-- List every SECURITY DEFINER function (prosecdef = true) together with its schema
SELECT n.nspname, p.proname FROM pg_proc p JOIN pg_namespace n ON n.oid = p.pronamespace WHERE p.prosecdef;
-- Remove the default PUBLIC execute grant from a function that does not need it
REVOKE EXECUTE ON FUNCTION function_name FROM PUBLIC;
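A fuller version of this audit, added here as an example and not taken from the advisory or from EnterpriseDB: it lists SECURITY DEFINER functions that do not pin search_path in their configuration (the ones a caller's own search_path can influence), shows how to pin search_path on such a function, and replaces the PUBLIC grant with an explicit one. The schema app, the table app.accounts, the function app.get_balance and the role app_reader are hypothetical names.

```sql
-- Added example, not from the advisory. Schema "app", table "app.accounts",
-- function "app.get_balance" and role "app_reader" are hypothetical names.

-- 1. SECURITY DEFINER functions outside the system schemas whose proconfig
--    carries no search_path setting. These run with the owner's rights but
--    resolve unqualified names through the caller's search_path.
SELECT n.nspname AS schema,
       p.proname AS function,
       pg_get_function_identity_arguments(p.oid) AS args,
       pg_get_userbyid(p.proowner) AS owner
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND NOT EXISTS (
        SELECT 1
        FROM unnest(COALESCE(p.proconfig, '{}'::text[])) AS cfg
        WHERE cfg LIKE 'search_path=%'
      )
ORDER BY 1, 2;

-- 2. Define (or redefine) the function with a fixed search_path. Every object
--    it touches is schema-qualified, and pg_temp is listed last so a temporary
--    table created by the caller cannot shadow a permanent one.
CREATE OR REPLACE FUNCTION app.get_balance(acct integer)
RETURNS numeric
LANGUAGE sql
SECURITY DEFINER
SET search_path = pg_catalog, pg_temp
AS $$
  SELECT balance FROM app.accounts WHERE id = acct;
$$;

-- For a function whose body cannot be changed right away, the same setting
-- can be attached without redefining it:
-- ALTER FUNCTION app.get_balance(integer) SET search_path = pg_catalog, pg_temp;

-- 3. Replace the default PUBLIC execute grant with an explicit grant.
REVOKE EXECUTE ON FUNCTION app.get_balance(integer) FROM PUBLIC;
GRANT  EXECUTE ON FUNCTION app.get_balance(integer) TO app_reader;

-- 4. Confirm the function now carries the pinned search_path in proconfig;
--    expected: proconfig = {search_path=pg_catalog, pg_temp}.
SELECT p.proname, p.proconfig
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname = 'app' AND p.proname = 'get_balance';
```

Run step 1 as a superuser or the function owner; any row it returns should either be rewritten as in step 2 or have its search_path attached with ALTER FUNCTION, after which the row disappears from the step 1 result.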

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate database servers
  • Enforce least privilege access controls and monitor for suspicious database activity

🔍 How to Verify

Check if Vulnerable:

Run SELECT version(); and compare the reported EPAS version against the affected ranges listed above.

Check Version:

SELECT version();

Verify Fix Applied:

Run SELECT version(); and confirm the reported version is at or above the patched release for your major version (11.21.32, 12.16.20, 13.12.16, 14.9.0, 15.4.0).

📡 Detection & Monitoring

Log Indicators:

  • Unusual search_path modifications
  • Suspicious SECURITY DEFINER function executions
  • Privilege escalation attempts

Network Indicators:

  • Unexpected database connections from unauthorized sources

SIEM Query:

source="postgresql" AND ("search_path" OR "SECURITY DEFINER")
