VAR-201807-0114
Vulnerability from variot - Updated: 2023-12-18 12:44GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash. It also is not cryptographically signed. These issues can be used to run rootkits at the firmware level or permanently disrupt service to the system. (DoS) It is possible to execute an attack. Failure of protection mechanism (CWE-693) - CVE-2017-3197 GIGABYTE BRIX Platform to protect firmware writing BIOSWE , BLE , SMM_BWP , PRx There is a problem where the bits are not set properly. as a result, SPI flash May be tampered with. Inadequate verification of data reliability (CWE-345) - CVE-2017-3198 GIGABYTE BRIX of UEFI Firmware update is not signed. Also, from the support page without checksum HTTP Is provided via. As a result, even if the firmware is tampered with, it cannot be detected. For more information, Cylance Advisory for CLVA-2017-01-001 and CLVA-2017-01-002 Please refer to. CLVA-2017-01-001 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-001.md CLVA-2017-01-002 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-002.mdAn attacker could run a rootkit at the firmware level or permanently disrupt service to the system (DoS) An attack may be executed. Multiple GIGABYTE Products are prone to multiple security-bypass vulnerabilities. A local attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-0114",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gb-bsi7h-6500",
"scope": "eq",
"trust": 1.6,
"vendor": "gigabyte",
"version": "f6"
},
{
"model": "gb-bxi7-5775",
"scope": "eq",
"trust": 1.6,
"vendor": "gigabyte",
"version": "f2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gigabyte",
"version": null
},
{
"model": "brix gb-bsi7h-6500",
"scope": "eq",
"trust": 0.8,
"vendor": "gigabyte",
"version": "(uefi firmware version f6)"
},
{
"model": "brix gb-bxi7-5775",
"scope": "eq",
"trust": 0.8,
"vendor": "gigabyte",
"version": "(uefi firmware version f2)"
},
{
"model": "gb-bxi7-5775 brix uefi vf6",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
},
{
"model": "gb-bxi7-5775 brix uefi vf2",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
},
{
"model": "gb-bsi7h-6500 brix uefi vf6",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
},
{
"model": "gb-bsi7h-6500 brix uefi vf2",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gigabyte:gb-bsi7h-6500_firmware:f6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:gigabyte:gb-bsi7h-6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gigabyte:gb-bxi7-5775_firmware:f2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:gigabyte:gb-bxi7-5775:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3197"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Matrosov of Cylance",
"sources": [
{
"db": "BID",
"id": "97294"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3197",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 7.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2017-005602",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-111400",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-3197",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-005602",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3197",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "IPA",
"id": "JVNDB-2017-005602",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-590",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-111400",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-3197",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111400"
},
{
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash. It also is not cryptographically signed. These issues can be used to run rootkits at the firmware level or permanently disrupt service to the system. (DoS) It is possible to execute an attack. Failure of protection mechanism (CWE-693) - CVE-2017-3197 GIGABYTE BRIX Platform to protect firmware writing BIOSWE , BLE , SMM_BWP , PRx There is a problem where the bits are not set properly. as a result, SPI flash May be tampered with. Inadequate verification of data reliability (CWE-345) - CVE-2017-3198 GIGABYTE BRIX of UEFI Firmware update is not signed. Also, from the support page without checksum HTTP Is provided via. As a result, even if the firmware is tampered with, it cannot be detected. For more information, Cylance Advisory for CLVA-2017-01-001 and CLVA-2017-01-002 Please refer to. CLVA-2017-01-001 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-001.md CLVA-2017-01-002 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-002.mdAn attacker could run a rootkit at the firmware level or permanently disrupt service to the system (DoS) An attack may be executed. Multiple GIGABYTE Products are prone to multiple security-bypass vulnerabilities. \nA local attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "VULHUB",
"id": "VHN-111400"
},
{
"db": "VULMON",
"id": "CVE-2017-3197"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#507496",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2017-3197",
"trust": 2.9
},
{
"db": "BID",
"id": "97294",
"trust": 2.1
},
{
"db": "JVN",
"id": "JVNVU90556561",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-111400",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3197",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "VULHUB",
"id": "VHN-111400"
},
{
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"id": "VAR-201807-0114",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-111400"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:44:00.562000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "GB-BSi7H-6500",
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bsi7h-6500-rev-10#ov"
},
{
"title": "GB-BXi7-5775",
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bxi7-5775-rev-10#ov"
},
{
"title": "Various GIGABYTE product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70176"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/gigabyte-firmware-flaws-allow-the-installation-of-uefi-ransomware/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
},
{
"problemtype": "CWE-345",
"trust": 0.8
},
{
"problemtype": "CWE-693",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111400"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3197"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://github.com/cylancevulnresearch/disclosures/blob/master/clva-2017-01-002.md"
},
{
"trust": 2.7,
"url": "https://www.kb.cert.org/vuls/id/507496"
},
{
"trust": 2.6,
"url": "https://github.com/cylancevulnresearch/disclosures/blob/master/clva-2017-01-001.md"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/97294"
},
{
"trust": 1.8,
"url": "https://www.cylance.com/en_us/blog/gigabyte-brix-systems-vulnerabilities.html"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/353.html"
},
{
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bsi7h-6500-rev-10"
},
{
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bxi7-5775-rev-10"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3197"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3198"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90556561/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3197"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3198"
},
{
"trust": 0.3,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bxi7-5775-rev-10#ov"
},
{
"trust": 0.3,
"url": "https://github.com/cylancevulnresearch/disclosures/blob/master/clva-2017-01-001.md "
},
{
"trust": 0.3,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bsi7h-6500-rev-10#ov "
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/507496 "
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "VULHUB",
"id": "VHN-111400"
},
{
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "VULHUB",
"id": "VHN-111400"
},
{
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-31T00:00:00",
"db": "CERT/CC",
"id": "VU#507496"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULHUB",
"id": "VHN-111400"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"date": "2017-03-31T00:00:00",
"db": "BID",
"id": "97294"
},
{
"date": "2017-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"date": "2018-07-09T19:29:00.247000",
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"date": "2017-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-31T00:00:00",
"db": "CERT/CC",
"id": "VU#507496"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-111400"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3197"
},
{
"date": "2017-04-04T00:03:00",
"db": "BID",
"id": "97294"
},
{
"date": "2017-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"date": "2019-10-09T23:27:21.853000",
"db": "NVD",
"id": "CVE-2017-3197"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed",
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-590"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…