CVE-2019-19646

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

References

https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd

https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3

https://www.sqlite.org/

https://security.netapp.com/advisory/ntap-20191223-0001/

https://www.oracle.com/security-alerts/cpuapr2020.html

Details

Source: MITRE

Published: 2019-12-09

Updated: 2021-07-22

Type: CWE-754

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:* versions up to 3.30.1 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
153643SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2021:3215-1)NessusSuSE Local Security Checks
critical
152986Tenable SecurityCenter < 5.19.0 Multiple Vulnerabilities (TNS-2021-14)NessusMisc.
high
151985Tenable.sc < 5.19.0 Multiple Vulnerabilities (TNS-2021-14) (deprecated)NessusMisc.
high
151816openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)NessusSuSE Local Security Checks
critical
151748openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:2320-1)NessusSuSE Local Security Checks
critical
151654SUSE SLED15 / SLES15 Security Update : sqlite3 (SUSE-SU-2021:2320-1)NessusSuSE Local Security Checks
critical
132984Photon OS 1.0: Sqlite PHSA-2020-1.0-0264NessusPhotonOS Local Security Checks
critical
132978Photon OS 2.0: Sqlite PHSA-2019-2.0-0198NessusPhotonOS Local Security Checks
critical
132833EulerOS Virtualization for ARM 64 3.0.5.0 : sqlite (EulerOS-SA-2020-1079)NessusHuawei Local Security Checks
critical
132626EulerOS 2.0 SP8 : sqlite (EulerOS-SA-2020-1033)NessusHuawei Local Security Checks
critical