CVE-2019-19195

{"id": "CVE-2019-19195", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.1, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-02-10T21:51:32.923", "references": [{"url": "https://asset-group.github.io/disclosures/sweyntooth/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.microchip.com/wwwproducts/en/ATSAMB11", "tags": ["Product", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://asset-group.github.io/disclosures/sweyntooth/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.microchip.com/wwwproducts/en/ATSAMB11", "tags": ["Product", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet."}, {"lang": "es", "value": "La implementaci\u00f3n de Bluetooth Low Energy en la tecnolog\u00eda Microchip BluSDK Smart versiones hasta 6.2 para dispositivos ATSAMB11, no restringe apropiadamente la longitud de los datos de la capa de enlace en la recepci\u00f3n, permitiendo a atacantes dentro del radio de alcance causar una denegaci\u00f3n de servicio (bloqueo) por medio de un paquete dise\u00f1ado."}], "lastModified": "2024-11-21T04:34:18.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microchip:atmsamb11_blusdk_smart:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEBE5B57-A74C-4A14-A1F5-BF2A99F4F602", "versionEndIncluding": "6.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:microchip:atsamb11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32F7B5EE-A1CD-4E5E-8902-55D0A761796F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}