CVE-2024-2044: Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4

9.9 CVSS

Description

pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on POSIX/Linux, an authenticated attacker can upload pickle objects, deserialize them, and gain code execution.

Classification

CVE ID: CVE-2024-2044

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.9

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor: pgadmin.org

Product: pgAdmin 4

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.16% (probability of being exploited)

EPSS Percentile: 54.25% (scored less or equal to compared to others)

EPSS Date: 2025-03-14 (when was this score calculated)

References

https://github.com/pgadmin-org/pgadmin4/issues/7258
https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce/
https://lists.fedoraproject.org/archives/list/[email protected]/message/LUYN2JXKKHFSVTASH344TBRGWDH64XQV/

Timeline

2025-02-14 00:31:28 UTC
CVE

Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4