CVE-2019-19645
MEDIUM
5,5
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
LOW
2,1
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial
Description
AI Translation Available
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0030
Percentile
0,5th
Updated
EPSS Score Trend (Last 90 Days)
674
Uncontrolled Recursion
DraftCommon Consequences
Security Scopes Affected:
Availability
Confidentiality
Potential Impacts:
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Read Application Data
Applicable Platforms
All platforms may be affected
Application
Tenable.Sc by Tenable
Version Range Affected
To
5.19.0
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Cloud Backup by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Mysql Workbench by Oracle
Version Range Affected
To
8.0.19
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sqlite by Sqlite
Version Range Affected
To
3.30.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Sinec Infrastructure Network Services by Siemens
Version Range Affected
To
1.0.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Ontap Select Deploy Administration Utility by Netapp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06
https://security.netapp.com/advisory/ntap-20191223-0001/
https://usn.ubuntu.com/4394-1/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.tenable.com/security/tns-2021-14
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06
https://security.netapp.com/advisory/ntap-20191223-0001/
https://usn.ubuntu.com/4394-1/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.tenable.com/security/tns-2021-14