Insufficiently Random Number Generation in PostgreSQL with OpenSSL

Insufficiently Random Number Generation in PostgreSQL with OpenSSL

CVE-2013-1900 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.