Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-51712HistorySep 05, 2024 - 4:15 p.m.
CVE-2023-51712
2024-09-0516:15:06
Debian Security Bug Tracker
security-tracker.debian.org
1
trusted firmware-m
argument verification
logging subsystem
sensitive data
login function
unix
CVSS3
4.7
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | arm-trusted-firmware | < 2.8.0+dfsg-1 | arm-trusted-firmware_2.8.0+dfsg-1_all.deb |
| Debian | 11 | all | arm-trusted-firmware | < 2.4+dfsg-2 | arm-trusted-firmware_2.4+dfsg-2_all.deb |
| Debian | 999 | all | arm-trusted-firmware | < 2.10.0+dfsg-1 | arm-trusted-firmware_2.10.0+dfsg-1_all.deb |
| Debian | 13 | all | arm-trusted-firmware | < 2.10.0+dfsg-1 | arm-trusted-firmware_2.10.0+dfsg-1_all.deb |
Related
cve
cve
CVE-2023-51712
2024-09-05 16:15:06
cvelist
cvelist
CVE-2023-51712
2024-09-05 00:00:00
osv
osv
CVE-2023-51712
2024-09-05 16:15:06
nvd
nvd
CVE-2023-51712
2024-09-05 16:15:06
vulnrichment
vulnrichment
CVE-2023-51712
2024-09-05 00:00:00
CVSS3
4.7
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
Related for DEBIANCVE:CVE-2023-51712