CVE-2018-19645
published 2019-02-12CVE-2018-19645: An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
PriorityP357critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
1.42%
69.4th percentile
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ghost | sqlite3 | >= 0 < 3.11.0-1ubuntu1.5 | 3.11.0-1ubuntu1.5 |
| ghost | sqlite3 | >= 0 < 3.22.0-1ubuntu0.4 | 3.22.0-1ubuntu0.4 |
| ghost | sqlite3 | >= 0 < 3.31.1-4ubuntu0.1 | 3.31.1-4ubuntu0.1 |
| microfocus | solutions_business_manager | < 11.5 | 11.5 |
| netiq_edirectory | netiq_access_manager | >= Solutions Business Manager (SBM) < 11.5 | 11.5 |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-34x9-j9c6-9r2j: An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11
ghsa_unreviewed·2022-05-14
CVE-2018-19645 [CRITICAL] CWE-287 GHSA-34x9-j9c6-9r2j: An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
OSV
sqlite3 vulnerabilities
osv·2020-06-10·CVSS 7.5
CVE-2018-8740 sqlite3 vulnerabilities
sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled certain corruped schemas.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain SELECT
statements. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603)
It was discovered that SQLite incorrectly handled certain self-referential
views. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19645)
Henry Liu discovered that SQLite incorrectly handled certain malformed
window-function queries. An attacker could possibly use this is
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-02-12
Published