Vulnerability Name:

CVE-2021-20227 (CCN-198960)

Assigned:2020-12-17
Published:2021-02-09
Updated:2022-11-16
Summary:A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-416
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-20227

Source: CCN
Type: Red Hat Bugzilla - Bug 1924886
(CVE-2021-20227) - CVE-2021-20227 sqlite: potential use-after-free bug when processing a subquery with both a correlated WHERE clause and a "HAVING 0" clause and where the parent query is an aggregate

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1924886

Source: XF
Type: UNKNOWN
sqlite-cve202120227-dos(198960)

Source: GENTOO
Type: Third Party Advisory
GLSA-202103-04

Source: GENTOO
Type: Third Party Advisory
GLSA-202210-40

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210423-0010/

Source: CCN
Type: IBM Security Bulletin 6473141 (Rational Collaborative Lifecycle Management)
Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Source: CCN
Type: IBM Security Bulletin 6474245 (Tivoli Composite Application Manager for Applications)
Addressing the Sqlite Vulnerability CVE-2021-20227

Source: CCN
Type: IBM Security Bulletin 6479935 (MaaS360)
A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (V2.103.000.051) and Modules

Source: CCN
Type: IBM Security Bulletin 6497499 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: N/A
Type: Patch, Third Party Advisory
N/A

Source: CCN
Type: Oracle Critical Patch Update Advisory - April 2021
Oracle Critical Patch Update Advisory - April 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: CCN
Type: Oracle CPUOct2021
Oracle Critical Patch Update Advisory - October 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: CCN
Type: SQLite Web site
SQLite Release 3.34.1 On 2021-01-20

Source: MISC
Type: Release Notes, Vendor Advisory
https://www.sqlite.org/releaselog/3_34_1.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-20227

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sqlite:sqlite:*:*:*:*:*:*:*:* (Version >= 3.33.0 and < 3.34.1)

    • Configuration 2:
  • cpe:/a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* (Version < 9.2.6.0)
  • OR cpe:/a:oracle:mysql_workbench:*:*:*:*:*:*:*:* (Version <= 8.0.26)
  • OR cpe:/a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:* (Version >= 12.0.1.0 and <= 12.0.4.0.0)
  • OR cpe:/a:oracle:enterprise_manager_for_oracle_database:13.4.0.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:sqlite:sqlite:3.34.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:7.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sqlite sqlite *
    oracle outside in technology 8.5.5
    oracle communications network charging and control 6.0.1
    oracle zfs storage appliance kit 8.8
    oracle jd edwards enterpriseone tools *
    oracle mysql workbench *
    oracle communications network charging and control *
    oracle enterprise manager for oracle database 13.4.0.0
    sqlite sqlite 3.34.0
    ibm rational collaborative lifecycle management 6.0.2
    ibm data risk manager 2.0.6
    ibm rational collaborative lifecycle management 7.0