Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-2708
HistoryApr 23, 2019 - 7:32 p.m.

CVE-2019-2708

2019-04-2319:32:56
[email protected]
web.nvd.nist.gov
84
cve-2019-2708
oracle berkeley db
data store
vulnerability
denial of service
cvss 3.0
nvd
security advisory

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

2.6

Confidence

High

EPSS

0.001

Percentile

39.2%

JSON

Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Affected configurations

Vulners
NVD
Node
oracleberkeley_dbRange6.06.138
OR
oracleberkeley_dbRange6.0.06.2.38
OR
oracleberkeley_dbRange18.0.018.1.32
VendorProductVersionCPE
oracleberkeley_db*cpe:2.3:a:oracle:berkeley_db:*:*:*:*:*:*:*:*
oracleberkeley_db*cpe:2.3:a:oracle:berkeley_db:*:*:*:*:*:*:*:*
oracleberkeley_db*cpe:2.3:a:oracle:berkeley_db:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Oracle Berkeley DB",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "lessThan": "6.138",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "6.2.38",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1.32",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

nessus 21
cbl_mariner 3
fedora 1
openvas 13
prion 1
cvelist 1
redhatcve 1
osv 2
veracode 1
nvd 1
oraclelinux 1
redhat 13
almalinux 1
rocky 1
mageia 1
ibm 3
oracle 1
nessus
nessus
CentOS 8 : libdb (CESA-2021:1675)
2021-05-19 00:00:00
EulerOS Virtualization 2.9.1 : libdb (EulerOS-SA-2022-2350)
2022-09-23 00:00:00
SUSE SLES12 Security Update : libdb-4_8 (SUSE-SU-2022:4289-1)
2022-11-30 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-2708 affecting package libdb 5.3.28-6
2021-10-05 03:00:59
CVE-2019-2708 affecting package libdb for versions less than 5.3.28-7
2024-03-19 17:21:46
CVE-2019-2708 affecting package libdb for versions less than 5.3.28-7
2022-04-26 19:57:55
fedora
fedora
[SECURITY] Fedora 33 Update: libdb-5.3.28-45.fc33
2020-12-16 01:43:18
openvas
openvas
Fedora: Security Advisory for libdb (FEDORA-2020-62d2ff9fa8)
2020-12-16 00:00:00
Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2022-2511)
2022-10-10 00:00:00
Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2022-2386)
2022-09-26 00:00:00
prion
prion
Code injection
2019-04-23 19:32:00
cvelist
cvelist
CVE-2019-2708
2019-04-23 18:16:45
redhatcve
redhatcve
CVE-2019-2708
2020-07-02 09:20:42
osv
osv
Low: libdb security update
2021-05-18 05:48:41
Low: libdb security update
2021-05-18 05:48:41
veracode
veracode
Denial Of Service (DoS)
2021-05-21 14:01:38
nvd
nvd
CVE-2019-2708
2019-04-23 19:32:56
oraclelinux
oraclelinux
libdb security update
2021-05-25 00:00:00
redhat
redhat
(RHSA-2021:1675) Low: libdb security update
2021-05-18 05:48:41
(RHSA-2021:2705) Moderate: Release of OpenShift Serverless 1.16.0
2021-07-13 16:31:04
(RHSA-2021:2130) Moderate: Windows Container Support for Red Hat OpenShift 2.0.1 security and bug fix update
2021-06-23 05:30:08
almalinux
almalinux
Low: libdb security update
2021-05-18 05:48:41
rocky
rocky
libdb security update
2021-05-18 05:48:41
mageia
mageia
Updated db53 packages fix a security vulnerability
2021-01-29 22:05:33
ibm
ibm
Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities
2021-12-03 18:52:37
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
2021-10-19 15:38:04
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs
2023-03-08 18:05:21
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

2.6

Confidence

High

EPSS

0.001

Percentile

39.2%

JSON
Related for CVE-2019-2708
nessus21cbl_mariner3fedora1openvas13prion1cvelist1redhatcve1osv2veracode1nvd1oraclelinux1redhat13almalinux1rocky1mageia1ibm3oracle1