Lucene search

China National Vulnerability DatabaseCNVD-2021-59582

HistoryAug 03, 2021 - 12:00 a.m.

ARM Mbed TLS Trust Management Issue Vulnerability

2021-08-0300:00:00

China National Vulnerability Database

www.cnvd.org.cn

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

JSON

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption for mbed products. versions prior to ARM Mbed TLS 2.24.0 have a security vulnerability that can be exploited by remote attackers to recover private key data.

CPENameOperatorVersion
arm mbed tlsle2.24.0

CPE	Name	Operator	Version
	arm mbed tls	le	2.24.0

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

JSON

Related for CNVD-2021-59582