PT-2021-4255 · Bluez+7 · Bluez+7

Published

2021-06-08

·

Updated

2024-08-16

·

CVE-2021-0129

CVSS v3.1

5.7

Medium

VectorAV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions BlueZ (affected versions not specified)
Description The issue is related to improper access control in BlueZ, which may allow an authenticated user to potentially enable information disclosure via adjacent access. This is due to incorrect authorization. An attacker, acting remotely, can exploit this to gain access to confidential data.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

ALSA-2021:4356
BDU:2021-04863
CESA-2021_4140
CESA-2021_4356
CVE-2021-0129
DLA-2689-1
DLA-2690-1
DLA-2692-1
DSA-4951-1
OESA-2021-1279
OESA-2022-1571
OESA-2022-2047
OPENSUSE-SU-2021:2184-1
OPENSUSE-SU-2021:2202-1
OPENSUSE-SU-2021:2291-1
OPENSUSE-SU-2021:2427-1
OPENSUSE-SU-2021_2184-1
OPENSUSE-SU-2021_2202-1
OPENSUSE-SU-2021_2291-1
OPENSUSE-SU-2021_2427-1
OPENSUSE-SU-2024:12446-1
OPENSUSE-SU-2024_2948-1
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
SUSE-SU-2021:2184-1
SUSE-SU-2021:2202-1
SUSE-SU-2021:2291-1
SUSE-SU-2021:2303-1
SUSE-SU-2021:2321-1
SUSE-SU-2021:2324-1
SUSE-SU-2021:2325-1
SUSE-SU-2021:2349-1
SUSE-SU-2021:2406-1
SUSE-SU-2021:2421-1
SUSE-SU-2021:2422-1
SUSE-SU-2021:2426-1
SUSE-SU-2021:2427-1
SUSE-SU-2021:2451-1
SUSE-SU-2022:3687-1
SUSE-SU-2022:3691-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2923-1
SUSE-SU-2024:2940-1
SUSE-SU-2024:2948-1
USN-5017-1
USN-5018-1
USN-5046-1
USN-5050-1
USN-5299-1
USN-5343-1

Affected Products

Almalinux
Astra Linux
Bluez
Centos
Linuxmint
Red Hat
Suse
Ubuntu