CVE-2021-3658 Vulnerability Details

  /     /     /  

CVE-2021-3658 Metadata Quick Info

CVE Published: 02/03/2022 | CVE Updated: 03/08/2024 | CVE Year: 2021
Source: redhat | Vendor: n/a | Product: bluez
Status : PUBLISHED

---

CVE-2021-3658 Description

bluetoothd from bluez incorrectly saves adapters\' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to physically nearby attackers.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-863
CWE Name: CWE-863
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).