IBM Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent and IBM Tivoli Composite Application Manager for Transactions (CVE-2018-8740)
Sep 21, 2018 9:00 am EDT
Categorized: Low Severity
Share this post:
SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the src/build.c, src/prepare.c. By using a corrupted SQLite3 database file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVE(s): CVE-2018-8740
Affected product(s) and affected version(s):
IBM Cloud Application Performance Management, Advanced Private V8.1.4
IBM Cloud Application Performance Management V8.1.4
IBM Performance Management V8.1.3
IBM Tivoli Composite Application Manager (ITCAM) for Transactions: Version 7.4.0.1
IBM Tivoli Composite Application Manager (ITCAM) for Transactions: Version 7.4.0.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10731257
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140476
from IBM Product Security Incident Response Team https://ift.tt/2MQE5b6