Impact of SQLite Vulnerability CVE-2023-7104 on Backup Exec

book

Article ID: 100062692

calendar_today

Updated On:

Description

Error Message

N/A

Cause

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical.
https://nvd.nist.gov/vuln/detail/CVE-2023-7104

This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler.
The manipulation leads to heap-based buffer overflow.

Resolution

Backup Exec does not use the affected function (sessionReadRecord) and therefore Backup Exec is not impacted.

NOTE:
Backup Exec 23 uses Sqlite3.exe version 3.43.1

Issue/Introduction

Vulnerability CVE-2023-7104 has been reported against SQLite3 version up to 3.43.0.

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"