Vulnerability: Plaintext Storage of Usernames and Passwords in PostgreSQL

Vulnerability: Plaintext Storage of Usernames and Passwords in PostgreSQL

CVE-2000-1199 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.