All the vulnerabilites related to Intel - BlueZ
cve-2020-0556
Vulnerability from cvelistv5
Published
2020-03-12 20:47
Modified
2024-08-04 06:02
Severity ?
Summary
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:02:52.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html"
          },
          {
            "name": "GLSA-202003-49",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-49"
          },
          {
            "name": "DSA-4647",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4647"
          },
          {
            "name": "USN-4311-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4311-1/"
          },
          {
            "name": "openSUSE-SU-2020:0479",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html"
          },
          {
            "name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2240-1] bluez security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html"
          },
          {
            "name": "openSUSE-SU-2020:0872",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BlueZ",
          "vendor": "Intel",
          "versions": [
            {
              "status": "affected",
              "version": "5.54"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege, Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-26T20:06:08",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html"
        },
        {
          "name": "GLSA-202003-49",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-49"
        },
        {
          "name": "DSA-4647",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4647"
        },
        {
          "name": "USN-4311-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4311-1/"
        },
        {
          "name": "openSUSE-SU-2020:0479",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html"
        },
        {
          "name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2240-1] bluez security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html"
        },
        {
          "name": "openSUSE-SU-2020:0872",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2020-0556",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BlueZ",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.54"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege, Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html"
            },
            {
              "name": "GLSA-202003-49",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-49"
            },
            {
              "name": "DSA-4647",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4647"
            },
            {
              "name": "USN-4311-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4311-1/"
            },
            {
              "name": "openSUSE-SU-2020:0479",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html"
            },
            {
              "name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2240-1] bluez security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html"
            },
            {
              "name": "openSUSE-SU-2020:0872",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2020-0556",
    "datePublished": "2020-03-12T20:47:26",
    "dateReserved": "2019-10-28T00:00:00",
    "dateUpdated": "2024-08-04T06:02:52.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}