CVE-2019-15914

{"id": "CVE-2019-15914", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-12-20T17:15:11.643", "references": [{"url": "https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_1.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_2.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_1.md", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_2.md", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM. Los atacantes pueden utilizar el procedimiento de reincorporaci\u00f3n del centro de confianza ZigBee para realizar m\u00faltiples ataques de denegaci\u00f3n de servicio."}], "lastModified": "2024-11-21T04:29:43.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:dgnwg03lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18E6AAD6-8A61-4E16-8387-ADEDD63BA7DC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:dgnwg03lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFD6A160-4E8B-485F-8EC1-C4D52F002875"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:zncz03lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "454AB732-27E3-412E-AD89-3D62C98B06D3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:zncz03lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "833C0FBE-F3DC-4D28-A996-17E485592046"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:mccgq01lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01F6B64-4DDA-4E51-A9C7-1C6E3E537156"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:mccgq01lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "44AB28D7-A56F-411C-A6EF-7DB42234EDA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:wsdcgq01lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AC2BB24-C436-4862-BB7E-0546430753FF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:wsdcgq01lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "456AE601-26F7-4DB0-9FBE-47D171B20AEC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mi:rtcgq01lm_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1ED2FDB-6F55-4FD2-AE4D-E094D875D189"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mi:rtcgq01lm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF98F7C8-9B48-4594-AECA-E044268CDDBA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}