Lucene search
Veracode Vulnerability DatabaseVERACODE:22873HistoryApr 01, 2020 - 12:38 a.m.
Authorization Bypass
2020-04-0100:38:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.0004 Low
EPSS
Percentile
12.9%
bluez is vulnerable to authorization bypass. The vulnerability exists as it fails to disable bluetooth discoverability that may lead to the unauthorized pairing of bluetooth devices.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bluez | eq | 5.50__1.el8 | |
| bluez | eq | 5.44__4.el7_4 | |
| bluez | eq | 5.44__5.el7 | |
| bluez | eq | 5.50__1.el8 | |
| bluez | eq | 5.44__4.el7_4 | |
| bluez | eq | 5.44__5.el7 |
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1101
access.redhat.com/errata/RHSA-2020:1912
access.redhat.com/security/cve/CVE-2018-10910
access.redhat.com/security/updates/classification/#low
bugzilla.redhat.com/show_bug.cgi?id=1606203
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10910
usn.ubuntu.com/3856-1/
Related
prion
prion
Authentication flaw
2019-01-28 15:29:00
redhat
redhat
(RHSA-2020:1101) Low: bluez security update
2020-03-31 09:18:51
(RHSA-2020:1912) Low: bluez security update
2020-04-28 09:29:48
ubuntu
ubuntu
GNOME Bluetooth vulnerability
2019-01-14 00:00:00
nessus
nessus
CentOS 7 : bluez (CESA-2020:1101)
2020-04-10 00:00:00
Oracle Linux 8 : bluez (ELSA-2020-1912)
2023-09-07 00:00:00
RHEL 7 : bluez (RHSA-2020:1101)
2020-03-31 00:00:00
centos
centos
bluez security update
2020-04-08 17:46:42
cve
cve
CVE-2018-10910
2019-01-28 15:29:00
oraclelinux
oraclelinux
bluez security update
2020-04-06 00:00:00
bluez security update
2020-05-05 00:00:00
redhatcve
redhatcve
CVE-2018-10910
2018-07-23 00:49:08
cvelist
cvelist
CVE-2018-10910
2019-01-28 15:00:00
nvd
nvd
CVE-2018-10910
2019-01-28 15:29:00
debiancve
debiancve
CVE-2018-10910
2019-01-28 15:29:00
osv
osv
CVE-2018-10910
2019-01-28 15:29:00
openvas
openvas
Ubuntu: Security Advisory (USN-3856-1)
2019-01-15 00:00:00
Mageia: Security Advisory (MGASA-2020-0152)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2018-10910
2018-07-24 00:00:00
mageia
mageia
Updated bluez packages fix security vulnerabilities
2020-04-03 01:48:49