CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

12 Apr 2024, 17:16

Type	Values Removed	Values Added
Summary		(es) Revelación de información en Bluetooth cuando se recibe un paquete GATT debido a una validación de entrada incorrecta.

10 Aug 2023, 15:49

Type	Values Removed	Values Added
First Time		Qualcomm qcc5100 Firmware Qualcomm wcn6856 Firmware Qualcomm qcn9074 Firmware Qualcomm wcn6851 Qualcomm wcd9341 Firmware Qualcomm qca6426 Qualcomm wcd9341 Qualcomm qca6595au Firmware Qualcomm wsa8810 Firmware Qualcomm qca6436 Firmware Qualcomm wcd9380 Qualcomm sdxr2 5g Qualcomm Qualcomm sw5100p Firmware Qualcomm qcn9074 Qualcomm sdx55m Qualcomm qca6391 Firmware Qualcomm sd 8 Gen1 5g Firmware Qualcomm wcn3660b Firmware Qualcomm wcn7851 Qualcomm wcn3660b Qualcomm sa8195p Firmware Qualcomm sa6150p Qualcomm sa6150p Firmware Qualcomm wcd9370 Qualcomm sa8145p Qualcomm wsa8810 Qualcomm qca6574au Qualcomm sdx55m Firmware Qualcomm sdxr2 5g Firmware Qualcomm wsa8835 Qualcomm wcn6850 Qualcomm wsa8835 Firmware Qualcomm sw5100 Firmware Qualcomm wsa8815 Qualcomm wcn3980 Qualcomm sa6145p Qualcomm wcn3680b Qualcomm sd865 5g Firmware Qualcomm sa6155p Firmware Qualcomm qca6696 Qualcomm qcs410 Qualcomm qcc5100 Qualcomm wcn3980 Firmware Qualcomm wcn3950 Firmware Qualcomm sa8145p Firmware Qualcomm sd870 Qualcomm wcn6850 Firmware Qualcomm sa8195p Qualcomm sa8155p Qualcomm qca6696 Firmware Qualcomm wcn6856 Qualcomm qca6595au Qualcomm sa8150p Firmware Qualcomm qcs410 Firmware Qualcomm sd870 Firmware Qualcomm sa6155p Qualcomm qca6390 Firmware Qualcomm qcs610 Qualcomm wcn7850 Qualcomm sa8150p Qualcomm qca6390 Qualcomm sw5100p Qualcomm qcs610 Firmware Qualcomm qca6436 Qualcomm wcn6851 Firmware Qualcomm wcd9370 Firmware Qualcomm sa8155p Firmware Qualcomm wcn6855 Firmware Qualcomm wsa8815 Firmware Qualcomm wcn7850 Firmware Qualcomm sd865 5g Qualcomm qca6391 Qualcomm wsa8830 Firmware Qualcomm wcn7851 Firmware Qualcomm wcn3950 Qualcomm sw5100 Qualcomm wcn3988 Qualcomm wcd9380 Firmware Qualcomm qca6426 Firmware Qualcomm wcn3680b Firmware Qualcomm qca6574au Firmware Qualcomm sd 8 Gen1 5g Qualcomm wcn3988 Firmware Qualcomm sa6145p Firmware Qualcomm wcn6855 Qualcomm wsa8830
References	~~(MISC) https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin -~~	(MISC) https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin - Patch, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8195p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:h:qualcomm:wcn7851:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:o:qualcomm:qca6390_firmware:-:::::::* cpe:2.3:h:qualcomm:qcs410:-:::::::* cpe:2.3:o:qualcomm:qcs610_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::* cpe:2.3:h:qualcomm:qcn9074:-:::::::* cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:::::::* cpe:2.3:h:qualcomm:sa8195p:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6145p:-:::::::* cpe:2.3:h:qualcomm:qcs610:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:qcc5100_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8155p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:sw5100p_firmware:-:::::::* cpe:2.3:h:qualcomm:sd870:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:h:qualcomm:qca6390:-:::::::* cpe:2.3:o:qualcomm:wcn3680b_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:h:qualcomm:wcn6856:-:::::::* cpe:2.3:h:qualcomm:wcn3680b:-:::::::* cpe:2.3:o:qualcomm:qcs410_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:o:qualcomm:sw5100_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6145p_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3950_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6850_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6150p_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:h:qualcomm:wcn6850:-:::::::* cpe:2.3:h:qualcomm:wcn6851:-:::::::* cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:sd865_5g:-:::::::* cpe:2.3:o:qualcomm:wcn6851_firmware:-:::::::* cpe:2.3:o:qualcomm:sd865_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn7850:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:sa6155p:-:::::::* cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:o:qualcomm:qcn9074_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8155p:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6436:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:qca6436_firmware:-:::::::* cpe:2.3:o:qualcomm:sdx55m_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx55m:-:::::::* cpe:2.3:h:qualcomm:sa8145p:-:::::::* cpe:2.3:h:qualcomm:qca6426:-:::::::* cpe:2.3:o:qualcomm:sa8145p_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6391:-:::::::* cpe:2.3:h:qualcomm:wcn6855:-:::::::* cpe:2.3:h:qualcomm:sa8150p:-:::::::* cpe:2.3:h:qualcomm:sdxr2_5g:-:::::::* cpe:2.3:h:qualcomm:sw5100p:-:::::::* cpe:2.3:o:qualcomm:qca6426_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3988:-:::::::* cpe:2.3:h:qualcomm:sw5100:-:::::::* cpe:2.3:o:qualcomm:sd870_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8150p_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3950:-:::::::* cpe:2.3:h:qualcomm:sa6150p:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:h:qualcomm:qcc5100:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::*
CWE		CWE-20

08 Aug 2023, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-08 10:15

Updated : 2024-04-12 17:16

NVD link : CVE-2023-21647

Mitre link : CVE-2023-21647

CVE.ORG link : CVE-2023-21647

JSON object : View

Products Affected

qualcomm

sd_8_gen1_5g
wsa8810
wcn7850
sa8155p_firmware
qca6391_firmware
sa8145p_firmware
sa6150p_firmware
sd870
qcs610_firmware
wcd9341
wcn6856
qcs610
qcn9074
qca6574au
wcn6856_firmware
sa6155p
qcn9074_firmware
qcs410
qca6426
wcn6855
sa8150p_firmware
qcc5100_firmware
wsa8830
qcc5100
wsa8835_firmware
wcd9380_firmware
wsa8810_firmware
wcn6850_firmware
qca6436
sw5100_firmware
wcn3680b_firmware
wsa8815
wcn6855_firmware
qca6595au
wcn7851
sa8150p
sa8155p
wcd9380
wcn7850_firmware
sa6145p_firmware
sdx55m_firmware
wsa8815_firmware
sd865_5g
sa8145p
qcs410_firmware
wcn3660b_firmware
qca6390
qca6426_firmware
wcn3950_firmware
sa6150p
qca6436_firmware
wcn3980_firmware
sa6155p_firmware
wcn3988
wcn3950
wcn6850
wcn3680b
wcd9341_firmware
wcn3980
sa6145p
wcn6851
wsa8830_firmware
sa8195p
qca6595au_firmware
qca6574au_firmware
sw5100p
sd_8_gen1_5g_firmware
sdx55m
sdxr2_5g
sa8195p_firmware
wcn3988_firmware
qca6390_firmware
sd870_firmware
qca6696_firmware
sd865_5g_firmware
wsa8835
wcn3660b
sw5100
qca6391
sdxr2_5g_firmware
qca6696
wcd9370_firmware
sw5100p_firmware
wcn6851_firmware
wcn7851_firmware
wcd9370

CWE

CWE-20

Improper Input Validation

6.5 /10