Описание
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:midnightblue:tetra\:burst:-:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00136
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-353
CWE-354
Связанные уязвимости
CVSS3: 5.9
github
больше 2 лет назад
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.
EPSS
Процентиль: 34%
0.00136
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-353
CWE-354