9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
IBM Tivoli Composite Application Manager (ITCAM) for Transactions - Transaction Tracking has addressed the following SQLite vulnerability:
CVEID:CVE-2020-11656
**DESCRIPTION:**SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-free in the ALTER TABLE implementation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180285 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2020-11655
**DESCRIPTION:**SQLite is vulnerable to a denial of service, caused by mishandling the AggInfo object’s initialization. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180289 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
ITCAM for Transactions | 7.4.0.1 and 7.4.0.2 |
ITCAM for Transaction Tracking 7.4.0.1 IFix 46
ITCAM for Transaction Tracking 7.4.0.2 IFix 13
None
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P