CVE-2023-7104 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-7104 PUBLISHED CVSS 7.300000190734863 HIGH

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue.

EPSS 0.13% · 32.3th percentile

Risk Scores

CVSS v3.1

7.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

EPSS Score

0.13%

32.3th percentile

Affected Products

Vendor	Product	Versions
ABB	ABB B&R Automation Studio <6.5
ABB	ABB Ability Camera Connect <=2.0.0.42

Timeline

Dec 25, 2023 CVE Published
Dec 26, 2023 EPSS Score
Jan 23, 2024 EPSS Score
Feb 20, 2024 EPSS Score
Apr 17, 2024 EPSS Score
May 15, 2024 EPSS Score
Jun 12, 2024 EPSS Score
Jul 3, 2024 PoC Published
Jul 11, 2024 EPSS Score
Aug 8, 2024 EPSS Score
Oct 3, 2024 EPSS Score
Oct 5, 2024 Coalition ESS Score

References

Open in Interactive Console →