CVE-2020-13631

MEDIUM EPSS 45.2%
Published May 27, 20206y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 27, 2020 6y ago
Last Modified Jun 17, 2026 2w ago

Description

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity High
Availability None

Threat Intelligence

EPSS Exploit Probability
45.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 24

VendorProductVersionRange
sqlitesqlite* <3.32.0
fedoraprojectfedora32any
canonicalubuntu_linux16.04any
canonicalubuntu_linux18.04any
canonicalubuntu_linux19.10any
canonicalubuntu_linux20.04any
netappcloud_backup*any
netappsolidfire\,_enterprise_sds_\&_hci_storage_node*any
brocadefabric_operating_system*any
netapphci_compute_node_firmware*any
netapphci_compute_node*any
siemenssinec_infrastructure_network_services* <1.0.1.1
appleicloud* <11.5
appleitunes* <12.10.9
appleipados* <14.0
appleiphone_os* <14.0
applemacos* <11.0.1
appletvos* <14.0
applewatchos* <7.0
oraclecommunications_network_charging_and_control*≥12.0.0  –  ≤12.0.3
oraclecommunications_network_charging_and_control6.0.1any
oracleoutside_in_technology8.5.4any
oracleoutside_in_technology8.5.5any
oraclezfs_storage_appliance_kit8.8any

References 21

  • seclists.org http://seclists.org/fulldisclosure/2020/Dec/32
    Mailing ListThird Party Advisory
  • seclists.org http://seclists.org/fulldisclosure/2020/Nov/19
    Mailing ListThird Party Advisory
  • seclists.org http://seclists.org/fulldisclosure/2020/Nov/20
    Mailing ListThird Party Advisory
  • seclists.org http://seclists.org/fulldisclosure/2020/Nov/22
    Mailing ListThird Party Advisory
  • bugs.chromium.org https://bugs.chromium.org/p/chromium/issues/detail?id=1080459
    Permissions RequiredThird Party Advisory
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
    PatchThird Party Advisory
  • lists.apache.org https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/
  • security.freebsd.org https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc
    MitigationThird Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/202007-26
    Third Party Advisory
  • security.netapp.com https://security.netapp.com/advisory/ntap-20200608-0002/
    Third Party Advisory
  • sqlite.org https://sqlite.org/src/info/eca0ba2cf4c0fdf7
    PatchVendor Advisory
  • support.apple.com https://support.apple.com/kb/HT211843
    Release NotesThird Party Advisory
  • support.apple.com https://support.apple.com/kb/HT211844
    Release NotesThird Party Advisory
  • support.apple.com https://support.apple.com/kb/HT211850
    Release NotesThird Party Advisory
  • support.apple.com https://support.apple.com/kb/HT211931
    Release NotesThird Party Advisory
  • support.apple.com https://support.apple.com/kb/HT211935
    Release NotesThird Party Advisory
  • support.apple.com https://support.apple.com/kb/HT211952
    Release NotesThird Party Advisory
  • usn.ubuntu.com https://usn.ubuntu.com/4394-1/
    PatchThird Party Advisory
  • oracle.com https://www.oracle.com/security-alerts/cpujul2020.html
    Third Party Advisory
  • oracle.com https://www.oracle.com/security-alerts/cpuoct2020.html
    Third Party Advisory

Remediation

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
    PatchThird Party Advisory
  • sqlite.org https://sqlite.org/src/info/eca0ba2cf4c0fdf7
    PatchVendor Advisory
  • usn.ubuntu.com https://usn.ubuntu.com/4394-1/
    PatchThird Party Advisory