admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-256xx/CVE-2020-25662.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

155 lines
4.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-25662",
"sourceIdentifier": "secalert@redhat.com",
"published": "2020-11-05T21:15:12.750",
"lastModified": "2023-02-12T23:40:36.087",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un problema de regresi\u00f3n CVE-2020-12352 solo de Red Hat en la manera en que la implementaci\u00f3n de la pila de Bluetooth del kernel de Linux manejaba la inicializaci\u00f3n de la memoria de la pila al manejar determinados paquetes AMP. Este fallo permite a un atacante remoto en un rango adyacente filtrar peque\u00f1as porciones de memoria de la pila en el sistema mediante el env\u00edo de paquetes AMP especialmente dise\u00f1ados. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-665"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28B0C0F5-6ABD-4494-8824-1BEE665E16FE"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2020-12352",
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/vulnerabilities/BleedingTooth",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink