admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-151xx/CVE-2019-15126.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

331 lines
9.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-15126",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-02-05T17:15:10.443",
"lastModified": "2020-08-11T19:15:17.033",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en los dispositivos cliente de Broadcom Wi-Fi. Espec\u00edficamente un tr\u00e1fico dise\u00f1ado minuciosamente y sincronizado puede causar errores internos (relacionados con las transiciones de estado) en un dispositivo WLAN que conllevan a un cifrado de Wi-Fi de Capa 2 inapropiado con una consiguiente posibilidad de divulgaci\u00f3n de informaci\u00f3n por medio del aire para un conjunto de tr\u00e1fico discreto, una vulnerabilidad diferente de CVE-2019-9500, CVE-2019-9501, CVE-2019-9502 y CVE-2019-9503."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9
},
"baseSeverity": "LOW",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.2",
"matchCriteriaId": "AD59FD8B-5C11-469A-91E8-B3EB904AB1EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.2",
"matchCriteriaId": "13864229-C006-4C72-AAE3-90F009375CA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.15.1",
"matchCriteriaId": "E773457A-E670-4DDA-86E2-0923C1DCD9BA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:bcm4389_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12F03EE0-8785-417A-BECA-BEA63757A39D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:bcm4389:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF854566-05B0-4661-A6FB-1FB57D2DA7F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:bcm43012_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "267F4829-8427-498F-9527-F0CBF59E4EBF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:bcm43012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE5C165-FBF8-4860-AA22-B6572444396B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:bcm43013_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE8006F-EFF6-4C48-A88D-D454FCAF6FBB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:bcm43013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE2C4A7-5C2B-436F-8088-36CB4552524D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:bcm4375_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F7B684-7732-4D96-A1D8-B7FF7D48FEBF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:bcm4375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B96EBAD-7270-43CF-8DF5-A6316581764F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:bcm43752_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196BB042-784B-4DA7-80B9-491660DE96FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:bcm43752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39880-8A15-49DE-B355-FDCDD536AB5F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:bcm4356_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D071C0E7-D86C-4D86-807F-37882D4F7C2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:bcm4356:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E682AB-4198-43C4-BD64-A1FDA1CD8A3B"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt",
"source": "cve@mitre.org"
},
{
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en",
"source": "cve@mitre.org"
},
{
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20200228-01-kr00k-en",
"source": "cve@mitre.org"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT210721",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT210722",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT210788",
"source": "cve@mitre.org"
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure",
"source": "cve@mitre.org"
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05",
"source": "cve@mitre.org"
},
{
"url": "https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/",
"source": "cve@mitre.org"
},
{
"url": "https://www.synology.com/security/advisory/Synology_SA_20_03",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink