The vulnerability in the Postgres database system has been reported to the Chinese government by hackers, but no information has been provided to date about the extent of the damage.
Postgres is widely used by the Chinese military and intelligence services and has been used in China’s controversial cyberspace crackdown.
It is not yet known whether the hackers exploited the vulnerability in a way that could have caused harm.
The Chinese Ministry of Defense said in a statement that the Chinese National Defense University has confirmed that the PostgreSQL database in question is a military database.
It said the university was not involved in the vulnerability disclosure.
The ministry did not specify what security measures were in place.
Postgres has said the database was not vulnerable to SQL injection attacks.
“The security of our databases is always our top priority,” Postgres said in an email statement.
“We are continually improving our security, and we strongly encourage companies to update their systems.”
The Postgres website shows the Postfix email account with a password that includes “pkp-user” and “password.”
The company said it has removed the account and is not responsible for the breach.
A Chinese government official told Reuters that the government has asked the National Defense Technical College to investigate the matter.
“The security issue has been resolved, but it’s still possible to gain access to sensitive information,” the official said.
“It’s important to note that this issue does not affect any users of the Postex service.”
China has not been shy about cracking down on its enemies, and it has been the target of attacks by Western intelligence agencies.
Last year, the United States accused China of hacking into computers in South Korea and Taiwan.
A cyberwar erupted in January 2016 between China and the United Kingdom, which was retaliating by hacking into China’s military.
China has denied that it was behind the attack.