{"id":63523,"date":"2025-05-22T21:31:47","date_gmt":"2025-05-22T18:01:47","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-2506-edb-pglogical-replication-connection-verification-bypass\/"},"modified":"2025-05-22T21:31:47","modified_gmt":"2025-05-22T18:01:47","slug":"cve-2025-2506-edb-pglogical-replication-connection-verification-bypass","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-2506-edb-pglogical-replication-connection-verification-bypass\/","title":{"rendered":"CVE-2025-2506 &#8211; EDB pglogical Replication Connection Verification Bypass"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-2506<br \/>\n<br \/>\n<strong>Published : <\/strong> May 22, 2025, 4:15 p.m. | 59\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it is running on a replication connection but does not perform this check. This vulnerability was introduced in the pglogical 3.x codebase, which is proprietary to EDB. The same code base has been integrated into BDR\/PGD 4 and 5.<br \/>\nTo exploit the vulnerability the attacker needs at least CONNECT permissions to a database configured for replication and must understand a number of pglogical3\/BDR specific commands and be able to decode the binary protocol.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 5.3 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-2506 Published : May 22, 2025, 4:15 p.m. | 59\u00a0minutes ago Description : When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-63523","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/63523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=63523"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/63523\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=63523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=63523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=63523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}