Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs
David G. Johnston <david.g.johnston@gmail.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
To: "bkindrajeeth@gmail.com" <bkindrajeeth@gmail.com>, "pgsql-bugs@lists.postgresql.org" <pgsql-bugs@lists.postgresql.org>
Date: 2025-02-18T14:37:30Z
Lists: pgsql-bugs
On Tuesday, February 18, 2025, PG Bug reporting form <noreply@postgresql.org> wrote: > The following bug has been logged on the website: > > Bug reference: 18817 > Logged by: Indrajeet Deshmukh > Email address: bkindrajeeth@gmail.com > PostgreSQL version: 15.0 > Operating system: Linux > Description: > > Namaste Team, > > During the integration of PostgreSQL Database v15 logs into a SIEM > solution,I observed that user passwords are logged in plaintext when a user > is created using the database command. This poses a serious security risk > as > credentials could be exposed to unauthorized users who have access to the > logs. > > Vendor: PostgreSQL > Product: PostgreSQL Database > Version: 15 > Severity: High > Issue Type: Security Vulnerability > > Steps to Reproduce: > Open the PostgreSQL Database CLI or execute the command via a script. > Run the following command to create a new user: > > CREATE USER indrajeet WITH PASSWORD 'indrajeet' The long-standing position here is that the encrypted password being found in the logs is not a security issue needing fixing. It’s maybe a bit unfortunate that we provide both secure and insecure methods for setting or changing a password but we do. Use the secure methods. Which means compute the encrypted password off-server and send that instead of the clear text version. David J.