CVE-2019-2708 — LOW (3.3) — White Hats Nepal

Q: How severe is CVE-2019-2708?

CVE-2019-2708 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-2708?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Berkeley Db.

Vulnerability Description

Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

CVSS Score

3.3

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Oracle	Berkeley Db	< 6.138

References

FAQ

What is CVE-2019-2708?

CVE-2019-2708 is a vulnerability with a CVSS score of 3.3 (LOW). Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows ...

How severe is CVE-2019-2708?

CVE-2019-2708 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-2708?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Berkeley Db.