ghsa-mp2x-rxhg-987g
Vulnerability from github
Published
2022-09-03 00:00
Modified
2022-09-09 00:00
Severity
Details
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
{ "affected": [], "aliases": [ "CVE-2021-35097" ], "database_specific": { "cwe_ids": [ "CWE-347" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2022-09-02T12:15:00Z", "severity": "MODERATE" }, "details": "Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables", "id": "GHSA-mp2x-rxhg-987g", "modified": "2022-09-09T00:00:56Z", "published": "2022-09-03T00:00:24Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35097" }, { "type": "WEB", "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
Loading...