CVE-2018-10910 Vulnerability Details

  /     /     /  

CVE-2018-10910 Metadata Quick Info

CVE Published: 28/01/2019 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: redhat | Vendor: The Bluez Project | Product: bluez
Status : PUBLISHED

---

CVE-2018-10910 Description

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-863
CWE Name: CWE-863
Source: The Bluez Project

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).