cvelist/2024/6xxx/CVE-2024-6348.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-6348",
        "ASSIGNER": "cve@asrg.io",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-330: Use of Insufficiently Random Values",
                        "cweId": "CWE-330"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Nissan",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Altima",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "status": "unknown",
                                                        "version": "Altima 2022"
                                                    }
                                                ],
                                                "defaultStatus": "unaffected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://asrg.io/security-advisories/",
                "refsource": "MISC",
                "name": "https://asrg.io/security-advisories/"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.2.0"
    },
    "source": {
        "discovery": "UNKNOWN"
    },
    "credits": [
        {
            "lang": "en",
            "value": "Thomas Sermpinis"
        }
    ]
}
"-Synchronized-Data." 2024-06-26 11:00:35 +00:00			`{`
"-Synchronized-Data." 2024-08-19 16:00:35 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-06-26 11:00:35 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-6348",`
"-Synchronized-Data." 2024-08-19 16:00:35 +00:00			`"ASSIGNER": "cve@asrg.io",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-06-26 11:00:35 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-08-19 16:00:35 +00:00			`"value": "Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-330: Use of Insufficiently Random Values",`
			`"cweId": "CWE-330"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Nissan",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Altima",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"versions": [`
			`{`
			`"status": "unknown",`
			`"version": "Altima 2022"`
			`}`
			`],`
			`"defaultStatus": "unaffected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://asrg.io/security-advisories/",`
			`"refsource": "MISC",`
			`"name": "https://asrg.io/security-advisories/"`
"-Synchronized-Data." 2024-06-26 11:00:35 +00:00			`}`
			`]`
"-Synchronized-Data." 2024-08-19 16:00:35 +00:00			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.2.0"`
			`},`
			`"source": {`
			`"discovery": "UNKNOWN"`
			`},`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "Thomas Sermpinis"`
			`}`
			`]`
"-Synchronized-Data." 2024-06-26 11:00:35 +00:00			`}`