Skip to content
This repository was archived by the owner on May 14, 2024. It is now read-only.

Commit 7e3c073

Browse files
ahouseholderahouseholder
committed
modified files
1 parent 293063a commit 7e3c073

4 files changed

Lines changed: 44 additions & 44 deletions

File tree

data/44/vu_988944/vu_988944.json

Lines changed: 20 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -12,26 +12,26 @@
1212
"CAM_WidelyKnown": "0",
1313
"CERTAdvisory": "",
1414
"CVEIDs": "",
15-
"CVSS_AccessComplexity": "",
16-
"CVSS_AccessVector": "",
17-
"CVSS_Authenication": "",
18-
"CVSS_AvailabilityImpact": "",
19-
"CVSS_BaseScore": "",
20-
"CVSS_BaseVector": "",
21-
"CVSS_CollateralDamagePotential": "",
22-
"CVSS_ConfidentialityImpact": "",
23-
"CVSS_EnvironmentalScore": "",
24-
"CVSS_EnvironmentalVector": "",
25-
"CVSS_Exploitability": "",
26-
"CVSS_IntegrityImpact": "",
27-
"CVSS_RemediationLevel": "",
28-
"CVSS_ReportConfidence": "",
29-
"CVSS_SecurityRequirementsAR": "",
30-
"CVSS_SecurityRequirementsCR": "",
31-
"CVSS_SecurityRequirementsIR": "",
32-
"CVSS_TargetDistribution": "",
33-
"CVSS_TemporalScore": "",
34-
"CVSS_TemporalVector": "",
15+
"CVSS_AccessComplexity": "--",
16+
"CVSS_AccessVector": "--",
17+
"CVSS_Authenication": "--",
18+
"CVSS_AvailabilityImpact": "--",
19+
"CVSS_BaseScore": 0,
20+
"CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
21+
"CVSS_CollateralDamagePotential": "Not Defined (ND)",
22+
"CVSS_ConfidentialityImpact": "--",
23+
"CVSS_EnvironmentalScore": 0,
24+
"CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
25+
"CVSS_Exploitability": "Not Defined (ND)",
26+
"CVSS_IntegrityImpact": "--",
27+
"CVSS_RemediationLevel": "Not Defined (ND)",
28+
"CVSS_ReportConfidence": "Not Defined (ND)",
29+
"CVSS_SecurityRequirementsAR": "Not Defined (ND)",
30+
"CVSS_SecurityRequirementsCR": "Not Defined (ND)",
31+
"CVSS_SecurityRequirementsIR": "Not Defined (ND)",
32+
"CVSS_TargetDistribution": "Not Defined (ND)",
33+
"CVSS_TemporalScore": 0,
34+
"CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
3535
"DateCreated": "2002-01-17T13:47:42-05:00",
3636
"DateFirstPublished": "",
3737
"DateLastUpdated": "2002-01-17T13:48:00-05:00",

data/55/vu_988955/vu_988955.json

Lines changed: 20 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -12,26 +12,26 @@
1212
"CAM_WidelyKnown": "0",
1313
"CERTAdvisory": "",
1414
"CVEIDs": "",
15-
"CVSS_AccessComplexity": "",
16-
"CVSS_AccessVector": "",
17-
"CVSS_Authenication": "",
18-
"CVSS_AvailabilityImpact": "",
19-
"CVSS_BaseScore": "",
20-
"CVSS_BaseVector": "",
21-
"CVSS_CollateralDamagePotential": "",
22-
"CVSS_ConfidentialityImpact": "",
23-
"CVSS_EnvironmentalScore": "",
24-
"CVSS_EnvironmentalVector": "",
25-
"CVSS_Exploitability": "",
26-
"CVSS_IntegrityImpact": "",
27-
"CVSS_RemediationLevel": "",
28-
"CVSS_ReportConfidence": "",
29-
"CVSS_SecurityRequirementsAR": "",
30-
"CVSS_SecurityRequirementsCR": "",
31-
"CVSS_SecurityRequirementsIR": "",
32-
"CVSS_TargetDistribution": "",
33-
"CVSS_TemporalScore": "",
34-
"CVSS_TemporalVector": "",
15+
"CVSS_AccessComplexity": "--",
16+
"CVSS_AccessVector": "--",
17+
"CVSS_Authenication": "--",
18+
"CVSS_AvailabilityImpact": "--",
19+
"CVSS_BaseScore": 0,
20+
"CVSS_BaseVector": "AV:--/AC:--/Au:--/C:--/I:--/A:--",
21+
"CVSS_CollateralDamagePotential": "Not Defined (ND)",
22+
"CVSS_ConfidentialityImpact": "--",
23+
"CVSS_EnvironmentalScore": 0,
24+
"CVSS_EnvironmentalVector": "CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)",
25+
"CVSS_Exploitability": "Not Defined (ND)",
26+
"CVSS_IntegrityImpact": "--",
27+
"CVSS_RemediationLevel": "Not Defined (ND)",
28+
"CVSS_ReportConfidence": "Not Defined (ND)",
29+
"CVSS_SecurityRequirementsAR": "Not Defined (ND)",
30+
"CVSS_SecurityRequirementsCR": "Not Defined (ND)",
31+
"CVSS_SecurityRequirementsIR": "Not Defined (ND)",
32+
"CVSS_TargetDistribution": "Not Defined (ND)",
33+
"CVSS_TemporalScore": 0,
34+
"CVSS_TemporalVector": "E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)",
3535
"DateCreated": "2001-08-30T15:38:10-04:00",
3636
"DateFirstPublished": "",
3737
"DateLastUpdated": "2001-09-06T12:05:00-04:00",

data/77/vu_647177/vu_647177.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@
3434
"CVSS_TemporalVector": "E:ND/RL:ND/RC:ND",
3535
"DateCreated": "2019-12-10T12:57:54-05:00",
3636
"DateFirstPublished": "2020-05-18T13:59:42-04:00",
37-
"DateLastUpdated": "2020-05-18T14:16:00-04:00",
37+
"DateLastUpdated": "2020-05-26T09:49:00-04:00",
3838
"DatePublic": "2020-04-14T00:00:00",
3939
"Description": "Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations, including the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations. Bluetooth BR/EDR is used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to spoof the address of a previously paired remote device to successfully complete the authentication procedure with some paired/bonded devices without knowing the link key. The Bluetooth Impersonation Attack (BIAS) can be performed in two different ways, depending on which Secure Simple Pairing method (either Legacy Secure Connections or Secure Connections) was previously used to establish a connection between two devices. If the pairing procedure was completed using the Secure Connections method, the attacker could claim to be the previously paired remote device that no longer supports secure connections, thereby downgrading the authentication security. This would allow the attacker to proceed with the BIAS method against the legacy authentication unless the device they are attacking is in Secure Connections only mode. If the attacker can either downgrade authentication or is attacking a device that does not support Secure Connections, they can perform the attack using a similar method by initiating a master-slave role switch to place itself into the master role and become the authentication initiator. If successful, they complete the authentication with the remote device. If the remote device does not then mutually authenticate with the attacker in the master role, it will result in the authentication-complete notification on both devices, even though the attacker does not possess the link key. The BIAS method is able to be performed for the following reasons: Bluetooth secure connection establishment is not encrypted and the selection of secure connections pairing method is not enforced for an already established pairing, Legacy Secure Connections secure connection establishment does not require mutual authentication, a Bluetooth device can perform a role switch any time after baseband paging, and devices who paired using Secure Connections can use Legacy Secure Connections during secure connection establishment.",
4040
"ID": "VU#647177",
@@ -56,7 +56,7 @@
5656
"https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/"
5757
],
5858
"Resolution": "Bluetooth host and controller suppliers should refer to the Bluetooth SIG's statement for guidance on updating their products. Downstream vendors should refer to their suppliers for updates.",
59-
"Revision": 30,
59+
"Revision": 31,
6060
"SystemsAffectedPreamble": "",
6161
"ThanksAndCredit": "Thanks to Daniele Antonioli of Singapore University of Technology and Design, Nils Ole Tippenhauer of CISPA Helmholtz Center for Information Security, and Kasper Rasmussen of the University of Oxford for reporting this vulnerability.",
6262
"Title": "Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks",

data/95/vu_534195/vu_534195.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@
3434
"CVSS_TemporalVector": "E:ND/RL:ND/RC:ND",
3535
"DateCreated": "2020-02-03T13:14:04-05:00",
3636
"DateFirstPublished": "2020-05-18T14:11:49-04:00",
37-
"DateLastUpdated": "2020-05-18T14:12:00-04:00",
37+
"DateLastUpdated": "2020-05-26T09:40:00-04:00",
3838
"DatePublic": "2020-05-18T00:00:00",
3939
"Description": "Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations, including the Bluetooth Low Energy (BLE) Core Configuration. Like Bluetooth Classic (BR/ER), BLE is used for low-power short-range communications, but has significantly lower power consumption, making it ideal for Internet of Things (IoT) and other resource restricted devices. For two devices to communicate over BLE, they need to establish a connection by pairing via the (Low Energy) Secure Connections (SC or LESC) or Secure Simple Pairing (SSP) methods. The pairing process includes feature information exchange between devices on what they support, public key exchange, and authentication of the public keys using an Association Model. Two of the possible Association Models, Numeric Comparison (NC) and Passkey Entry (PE), are impacted by this attack. An adjacent, unauthenticated attacker can intercept the credentials shared during the pairing process and force each victim device into a different Association Model. To do this, the attacker must negotiate an NC procedure with one device and a PE procedure with the other, and the user must erroneously enter the NC value as the public key value and accept pairing on the NC device. This scenario applies to both BLE Secure Connections pairing and BR/EDR Secure Simple Pairing. However, only a device operating as a keyboard for the purposes of pairing may be used to enter the passkey in the BR/EDR Secure Simple Pairing scenario. The attacker would be able to initiate any Bluetooth operation on either attacked device that is exposed by the enabled Bluetooth profiles. For this attack to be successful, an attacking device must be within wireless range of two vulnerable Bluetooth devices that are establishing either an LE or a BR/EDR encrypted connection without existing shared credentials (long term key or link key). At least one device must permit entry of a passkey, and the other must support a display capable of representing six decimal digits. This attack is possible because the Association Models NC and PE use the same form of check value, the model used is not indicated to the user (making it extremely difficult to notice the change), and the devices are not authenticating which Association Model is used by the peer device.",
4040
"ID": "VU#534195",
@@ -52,7 +52,7 @@
5252
"https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/"
5353
],
5454
"Resolution": "Bluetooth host and controller suppliers should refer to the Bluetooth SIG's statement for guidance on updating their products. Downstream vendors should refer to their suppliers for updates.",
55-
"Revision": 23,
55+
"Revision": 24,
5656
"SystemsAffectedPreamble": "",
5757
"ThanksAndCredit": "Thanks to Ludwig Peuckert and Maximilian von Tschirschnitz for reporting this vulnerability.",
5858
"Title": "Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks",

0 commit comments

Comments
 (0)