CVE-2021-0129

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html

https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html

https://security.netapp.com/advisory/ntap-20210716-0002/

https://www.debian.org/security/2021/dsa-4951

Details

Source: MITRE

Published: 2021-06-09

Updated: 2021-11-29

Type: CWE-863

Risk Information

CVSS v2

Base Score: 2.7

Vector: AV:A/AC:L/Au:S/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 5.1

Severity: LOW

CVSS v3

Base Score: 5.7

Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.1

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Tenable Plugins

View all (35 total)

IDNameProductFamilySeverity
155425Oracle Linux 8 : kernel (ELSA-2021-4356)NessusOracle Linux Local Security Checks
high
155219RHEL 8 : kernel (RHSA-2021:4356)NessusRed Hat Local Security Checks
high
155172RHEL 8 : kernel-rt (RHSA-2021:4140)NessusRed Hat Local Security Checks
high
155145CentOS 8 : kernel (CESA-2021:4356)NessusCentOS Local Security Checks
high
155070CentOS 8 : kernel-rt (CESA-2021:4140)NessusCentOS Local Security Checks
high
154404EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-2588)NessusHuawei Local Security Checks
high
153692EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2502)NessusHuawei Local Security Checks
high
153129Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5017-1)NessusUbuntu Local Security Checks
high
152774Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5050-1)NessusUbuntu Local Security Checks
medium
152665Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5046-1)NessusUbuntu Local Security Checks
medium
152271Debian DSA-4951-1 : bluez - security updateNessusDebian Local Security Checks
high
152055SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2451-1)NessusSuSE Local Security Checks
high
151998SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2422-1)NessusSuSE Local Security Checks
high
151996SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2426-1)NessusSuSE Local Security Checks
high
151989SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2427-1)NessusSuSE Local Security Checks
high
151986SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2421-1)NessusSuSE Local Security Checks
high
151935openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2427-1)NessusSuSE Local Security Checks
high
151920Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5018-1)NessusUbuntu Local Security Checks
high
151897Slackware 14.2 : Slackware 14.2 kernel (SSA:2021-202-01)NessusSlackware Local Security Checks
high
151878SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2406-1)NessusSuSE Local Security Checks
high
151793Amazon Linux 2 : kernel (ALAS-2021-1685)NessusAmazon Linux Local Security Checks
medium
151743openSUSE 15 Security Update : bluez (openSUSE-SU-2021:2291-1)NessusSuSE Local Security Checks
medium
151658SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2349-1)NessusSuSE Local Security Checks
high
151653SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2324-1)NessusSuSE Local Security Checks
high
151652SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2325-1)NessusSuSE Local Security Checks
high
151649SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2321-1)NessusSuSE Local Security Checks
high
151617SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2303-1)NessusSuSE Local Security Checks
high
151531SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2021:2291-1)NessusSuSE Local Security Checks
medium
151438Photon OS 3.0: Bluez PHSA-2021-3.0-0263NessusPhotonOS Local Security Checks
medium
151434Photon OS 4.0: Bluez PHSA-2021-4.0-0055NessusPhotonOS Local Security Checks
medium
151200SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2202-1)NessusSuSE Local Security Checks
high
151125SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2184-1)NessusSuSE Local Security Checks
high
151044Debian DLA-2692-1 : bluez security updateNessusDebian Local Security Checks
medium
150985Debian DLA-2689-1 : linux security updateNessusDebian Local Security Checks
high
150984Debian DLA-2690-1 : linux-4.19 security updateNessusDebian Local Security Checks
high