2024-03-15 19:03:27 +00:00
{
"id" : "CVE-2023-7006" ,
"sourceIdentifier" : "cret@cert.org" ,
"published" : "2024-03-15T17:15:07.717" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T08:45:00.817" ,
2024-03-17 23:03:26 +00:00
"vulnStatus" : "Awaiting Analysis" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2024-03-15 19:03:27 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "The unlockKey character in a lock using Sciener firmware can be brute forced through repeated challenge requests, compromising the locks integrity."
2024-03-17 23:03:26 +00:00
} ,
{
"lang" : "es" ,
"value" : "El car\u00e1cter de clave de desbloqueo en una cerradura que utiliza el firmware Sciener puede ser forzado de forma bruta mediante solicitudes de desaf\u00edo repetidas, comprometiendo la integridad de la cerradura."
2024-03-15 19:03:27 +00:00
}
] ,
2024-08-02 22:03:13 +00:00
"metrics" : {
"cvssMetricV31" : [
{
"source" : "134c704f-9b21-4f2e-91b3-4a467353bcc0" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 9.1 ,
"baseSeverity" : "CRITICAL" ,
2024-08-02 22:03:13 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2024-08-02 22:03:13 +00:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 5.2
}
]
} ,
2024-03-15 19:03:27 +00:00
"references" : [
{
"url" : "https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/" ,
"source" : "cret@cert.org"
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2024-03-15 19:03:27 +00:00
}
]
}
