CVE-2017-0423

Опубликовано: 08 фев. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 2.9

EPSS Низкий

Описание

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitation of a separate vulnerability in the Bluetooth stack. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32612586.

Ссылки

http://www.securityfocus.com/bid/96102
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037798
https://source.android.com/security/bulletin/2017-02-01.html
Vendor Advisory
http://www.securityfocus.com/bid/96102
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037798
https://source.android.com/security/bulletin/2017-02-01.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00084

Низкий

5.3 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-732

Связанные уязвимости

CVE-2017-0423

CVSS3: 5.3

ubuntu

почти 9 лет назад

GHSA-pcvx-6pjw-cvh6

CVSS3: 5.3

github

больше 3 лет назад

EPSS

Процентиль: 25%

0.00084

Низкий

5.3 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-732