7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the src/build.c, src/prepare.c. By using a corrupted SQLite3 database file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVEID: CVE-2018-8740 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the src/build.c, src/prepare.c. By using a corrupted SQLite3 database file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140476> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
IBM Cloud Application Performance Management, Advanced Private V8.1.4
IBM Cloud Application Performance Management V8.1.4
IBM Performance Management V8.1.3
IBM Tivoli Composite Application Manager (ITCAM) for Transactions: Version 7.4.0.1
IBM Tivoli Composite Application Manager (ITCAM) for Transactions: Version 7.4.0.2
Product
|
Product Version
|
APAR
|
Remediation / First Fix
—|—|—|—
IBM Cloud Application Performance Management - Response Time Monitoring Agent | 8.1.4 | |
If you use the Response Time Monitoring Agent, the vulnerabilities can be remediated by applying the Response Time Monitoring Agent 8.1.4.0-IBM-APM-RT-AGENT-IF0002 patch to all systems where this agent is installed:
http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Application+Performance+Management+Advanced&fixids=8.1.4.0-IBM-APM-RT-AGENT-IF0002&source=SAR
IBM Performance Management - Response Time Monitoring Agent | 8.1.3 | |
If you use the Response Time Monitoring Agent, the vulnerabilities can be remediated by applying the Response Time Monitoring Agent 8.1.3.0-IBM-IPM-RT-AGENT-IF0004 patch to all systems where this agent is installed:
https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FIBM+Tivoli+Monitoring&fixids=8.1.3.0-IBM-IPM-RT-AGENT-IF0004&source=SAR&function=fixId&parent=ibm/Tivoli
IBM Tivoli Composite Application Manager for Transactions (Response Time) | 7.4.0.1 | | 7.4.0.1-TIV-CAMRT-IF0029
https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FTivoli+Composite+Application+Manager+for+Transactions&fixids=7.4.0.1-TIV-CAMRT-IF0029&source=SAR&function=fixId&parent=Tivoli Composite Application Manager
IBM Tivoli Composite Application Manager for Transactions (Response Time) | 7.4.0.2 | | 7.4.0.2-TIV-CAMRT-IF0001
https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FTivoli+Composite+Application+Manager+for+Transactions&fixids=7.4.0.2-TIV-CAMRT-IF0001&source=SAR&function=fixId&parent=Tivoli Composite Application Manager
CPE | Name | Operator | Version |
---|---|---|---|
tivoli monitoring | eq | 8.1.4 | |
tivoli monitoring | eq | 8.1.3 | |
tivoli monitoring | eq | 7.4.0.1 | |
tivoli monitoring | eq | 7.4.0.2 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P