← Back

CVE-2017-1000250

nvd nist
Published: Sep 12, 2017Modified: May 13, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

Affected (1)

Products: Bluez: Bluez
Bluez
1 product
Bluez
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Bluez
Up to 5.46

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (17)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
ExploitTechnical DescriptionThird Party Advisory
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Source: nvd@nist.gov
Issue TrackingThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitTechnical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.