cvelist/2017/13xxx/CVE-2017-13284.json

{
    "CVE_data_meta": {
        "ASSIGNER": "security@android.com",
        "DATE_PUBLIC": "2018-04-02T00:00:00",
        "ID": "CVE-2017-13284",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Android",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "6.0"
                                        },
                                        {
                                            "version_value": "6.0.1"
                                        },
                                        {
                                            "version_value": "7.0"
                                        },
                                        {
                                            "version_value": "7.1.1"
                                        },
                                        {
                                            "version_value": "7.1.2"
                                        },
                                        {
                                            "version_value": "8.0"
                                        },
                                        {
                                            "version_value": "8.1"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Google Inc."
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70808273."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Elevation of privilege"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://source.android.com/security/bulletin/2018-04-01",
                "refsource": "CONFIRM",
                "url": "https://source.android.com/security/bulletin/2018-04-01"
            }
        ]
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 06:07:04 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "security@android.com",`
			`"DATE_PUBLIC": "2018-04-02T00:00:00",`
			`"ID": "CVE-2017-13284",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Android",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "6.0"`
			`},`
			`{`
			`"version_value": "6.0.1"`
			`},`
			`{`
			`"version_value": "7.0"`
			`},`
			`{`
			`"version_value": "7.1.1"`
			`},`
			`{`
			`"version_value": "7.1.2"`
			`},`
			`{`
			`"version_value": "8.0"`
			`},`
			`{`
			`"version_value": "8.1"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Google Inc."`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Added submission from Google Android for April 2018 Android Security Bulletin from 2018-04-03. 2018-04-04 11:12:27 -04:00			`{`
"-Synchronized-Data." 2019-03-18 06:07:04 +00:00			`"lang": "eng",`
			`"value": "In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70808273."`
- Added submission from Google Android for April 2018 Android Security Bulletin from 2018-04-03. 2018-04-04 11:12:27 -04:00			`}`
"-Synchronized-Data." 2019-03-18 06:07:04 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Elevation of privilege"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://source.android.com/security/bulletin/2018-04-01",`
			`"refsource": "CONFIRM",`
			`"url": "https://source.android.com/security/bulletin/2018-04-01"`
			`}`
			`]`
			`}`
			`}`