Lucene search

K
ibmIBM896C186FC78806A801DD528297944E87EABFE00A17B3EFEAEF67EC83E9AE3EB3
HistoryOct 06, 2021 - 12:37 p.m.

Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability

2021-10-0612:37:14
www.ibm.com
10

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

53.2%

Summary

IBM Security Guardium has fixed this vulnerability

Vulnerability Details

CVEID:CVE-2019-19317
**DESCRIPTION:**SQLite is vulnerable to a denial of service, caused by an error in lookupName in resolve.c. By providing specially crafted input, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172670 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Security Guardium StealthBits Integration All

Remediation/Fixes

Product Versions Fix
IBM Security Guardium 11.x

http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=Guardium_11.1.0.128_S-TAP_Windows_v11.1.0.128&includeSupersedes=0&source=fc

IBM Security Guardium| 10.6|

http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=Guardium_10.6.0.220_S-TAP_Windows_v10.6.0.220&includeSupersedes=0&source=fc

IBM Security Guardium| 10.5|

http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=Guardium_10.5.0_S-TAP_Windows_v10.5.0.226&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

53.2%

Related for 896C186FC78806A801DD528297944E87EABFE00A17B3EFEAEF67EC83E9AE3EB3