CVE-2023-51712

Опубликовано: 05 сент. 2024

Источник: debian

EPSS Низкий

Описание

An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
arm-trusted-firmware	not-affected			package

Примечания

https://trustedfirmware-m.readthedocs.io/en/latest/security/security_advisories/debug_log_vulnerability.html

EPSS

Процентиль: 32%

0.00122

Низкий

Связанные уязвимости

CVE-2023-51712

CVSS3: 4.7

nvd

больше 1 года назад

An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.

GHSA-8mjg-c853-xc3w

CVSS3: 4.7

github

больше 1 года назад

An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.

EPSS

Процентиль: 32%

0.00122

Низкий