{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7428", "assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "state": "PUBLISHED", "assignerShortName": "GoogleCloud", "dateReserved": "2026-04-29T14:38:05.602Z", "datePublished": "2026-05-12T09:16:35.151Z", "dateUpdated": "2026-05-12T09:16:35.151Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "shortName": "GoogleCloud", "dateUpdated": "2026-05-12T09:16:35.151Z"}, "title": "Insecure default administrative credentials in AlloyDB for PostgreSQL", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1392", "description": "CWE-1392 Use of default credentials", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-70", "descriptions": [{"lang": "en", "value": "CAPEC-70 Try Common or Default Usernames and Passwords"}]}], "affected": [{"vendor": "Google Cloud", "product": "AlloyDB for PostgreSQL", "versions": [{"status": "affected", "version": "0", "lessThan": "2025-11-03", "versionType": "date"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Prior to 2025-11-03,\u00a0well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters\u00a0with an insecure default password which could have been exploited by a\u00a0remote\u00a0attacker\u00a0to\u00a0gain full administrative access to the database.\n\n\n\n\nExploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><span>Prior to 2025-11-03,&nbsp;</span>well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters&nbsp;<span>with an insecure default password which could have been exploited by a&nbsp;</span>remote<span>&nbsp;attacker&nbsp;</span><span>to&nbsp;gain full administrative access to the database.</span></div><div><br></div><span>Exploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it</span><span>.</span>"}]}], "tags": ["exclusively-hosted-service"], "references": [{"url": "https://docs.cloud.google.com/alloydb/docs/release-notes#April_28_2026"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.2, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/U:Amber"}}], "solutions": [{"lang": "en", "value": "This vulnerability was patched on November 3, 2025.\n\n\n\nImpacted instances have been proactively remediated, and no customer action is needed.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>This vulnerability was patched on November 3, 2025.</p><p>Impacted instances have been proactively remediated, and no customer action is needed.</p>"}]}], "credits": [{"lang": "en", "value": "Mark Lawrenson", "type": "reporter"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}}}

{}

{"cveTags": [{"sourceIdentifier": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "tags": ["exclusively-hosted-service"]}], "descriptions": [{"lang": "en", "value": "Prior to 2025-11-03,\u00a0well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters\u00a0with an insecure default password which could have been exploited by a\u00a0remote\u00a0attacker\u00a0to\u00a0gain full administrative access to the database.\n\n\n\n\nExploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it."}], "id": "CVE-2026-7428", "lastModified": "2026-05-12T10:16:48.490", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.2, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "type": "Secondary"}]}, "published": "2026-05-12T10:16:48.490", "references": [{"source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "url": "https://docs.cloud.google.com/alloydb/docs/release-notes#April_28_2026"}], "sourceIdentifier": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1392"}], "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "type": "Secondary"}]}

{}

{}