Search for vulnerabilities
Vulnerability details: VCID-k8mw-375e-aaaa
Vulnerability ID VCID-k8mw-375e-aaaa
Aliases CVE-2019-19923
Summary flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-476 NULL Pointer Dereference
System Score Found at
cvssv3.1 7.5 http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html
cvssv3.1 7.5 http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
cvssv3.1 7.5 http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19923.html
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2020:0514
generic_textual HIGH https://access.redhat.com/errata/RHSA-2020:0514
rhas Moderate https://access.redhat.com/errata/RHSA-2020:1810
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19923.json
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01057 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01903 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01903 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01903 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01903 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.01903 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.05075 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.11123 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
epss 0.13878 https://api.first.org/data/v1/epss?cve=CVE-2019-19923
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1788846
cvssv3.1 8.2 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
generic_textual HIGH https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19923
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19925
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19926
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6381
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6382
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6383
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6384
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6385
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6386
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6387
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6388
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6389
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6390
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6391
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6392
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6393
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6394
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6395
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6396
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6397
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6398
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6399
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6400
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6401
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6402
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6403
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6404
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6405
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6406
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6407
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6408
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6409
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6410
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6411
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6412
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6413
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6414
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6415
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6416
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6418
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6420
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6499
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6500
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6501
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6502
cvssv3.1 6.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2019-19923
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2019-19923
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2019-19923
archlinux Critical https://security.archlinux.org/AVG-1092
generic_textual Medium https://ubuntu.com/security/notices/USN-4298-1
generic_textual Medium https://usn.ubuntu.com/usn/usn-4298-1
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpuapr2020.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpuapr2020.html
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19923.html
https://access.redhat.com/errata/RHSA-2020:0514
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19923.json
https://api.first.org/data/v1/epss?cve=CVE-2019-19923
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6394
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6400
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6401
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6409
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6499
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6501
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6502
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35
https://security.netapp.com/advisory/ntap-20200114-0003/
https://ubuntu.com/security/notices/USN-4298-1
https://usn.ubuntu.com/4298-1/
https://usn.ubuntu.com/usn/usn-4298-1
https://www.debian.org/security/2020/dsa-4638
https://www.oracle.com/security-alerts/cpuapr2020.html
1788846 https://bugzilla.redhat.com/show_bug.cgi?id=1788846
ASA-202002-3 https://security.archlinux.org/ASA-202002-3
AVG-1092 https://security.archlinux.org/AVG-1092
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
cpe:2.3:a:sqlite:sqlite:3.30.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sqlite:sqlite:3.30.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
CVE-2019-19923 https://nvd.nist.gov/vuln/detail/CVE-2019-19923
RHSA-2020:1810 https://access.redhat.com/errata/RHSA-2020:1810
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2020:0514
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19923.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-19923
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-19923
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-19923
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuapr2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.82092
EPSS Score 0.00863
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.