Lucene search
Veracode Vulnerability DatabaseVERACODE:43625HistoryOct 09, 2023 - 10:06 a.m.
Improper Input Validation
2023-10-0910:06:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
improper input validation
libzephyr.so
smp_keys_check
unauthorized actions
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
58.4%
libzephyr.so is vulnerable to Improper Input Validation. The vulnerability exists due to the smp_keys_check function insmp.c due to a missing conditional check which allows an attacker to gain access and perform unauthorized actions.
Related
cvelist
cvelist
CVE-2022-2993 bt: host: Wrong key validation check
2022-12-12 01:50:00
nvd
nvd
CVE-2022-2993
2022-12-09 20:15:10
cve
cve
CVE-2022-2993
2022-12-12 01:50:00
prion
prion
Design/Logic Flaw
2022-12-09 20:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
58.4%
Related for VERACODE:43625