Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-43551

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-03 Jun, 2024 | 10:05
Updated At-02 Aug, 2024 | 19:44
Rejected At-
Credits

Improper Authentication in Multi-Mode Call Processor

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:03 Jun, 2024 | 10:05
Updated At:02 Aug, 2024 | 19:44
Rejected At:
▼CVE Numbering Authority (CNA)
Improper Authentication in Multi-Mode Call Processor

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Auto
  • Snapdragon Compute
  • Snapdragon Connectivity
  • Snapdragon Consumer IOT
  • Snapdragon Industrial IOT
  • Snapdragon Mobile
  • Snapdragon Voice & Music
  • Snapdragon Wearables
Default Status
unaffected
Versions
Affected
  • 315 5G IoT Modem
  • 9205 LTE Modem
  • 9206 LTE Modem
  • 9207 LTE Modem
  • APQ8017
  • APQ8037
  • AQT1000
  • AR6003
  • AR8035
  • C-V2X 9150
  • CSRA6620
  • CSRA6640
  • CSRB31024
  • FastConnect 6200
  • FastConnect 6700
  • FastConnect 6800
  • FastConnect 6900
  • FastConnect 7800
  • MDM8207
  • MDM9205S
  • MDM9230
  • MDM9250
  • MDM9330
  • MDM9615
  • MDM9628
  • MDM9630
  • MDM9640
  • MSM8108
  • MSM8209
  • MSM8608
  • MSM8909W
  • MSM8996AU
  • QCA4004
  • QCA6174
  • QCA6174A
  • QCA6310
  • QCA6320
  • QCA6335
  • QCA6391
  • QCA6420
  • QCA6421
  • QCA6426
  • QCA6430
  • QCA6431
  • QCA6436
  • QCA6564A
  • QCA6564AU
  • QCA6574
  • QCA6574A
  • QCA6574AU
  • QCA6584
  • QCA6584AU
  • QCA6595AU
  • QCA6696
  • QCA6698AQ
  • QCA8081
  • QCA8337
  • QCA9367
  • QCA9377
  • QCC710
  • QCM2290
  • QCM4290
  • QCM4325
  • QCM4490
  • QCM5430
  • QCM6125
  • QCM6490
  • QCM8550
  • QCN6024
  • QCN6224
  • QCN6274
  • QCN9024
  • QCS2290
  • QCS410
  • QCS4290
  • QCS4490
  • QCS5430
  • QCS610
  • QCS6125
  • QCS6490
  • QCS8550
  • QFW7114
  • QFW7124
  • QTS110
  • Qualcomm 205 Mobile Platform
  • Qualcomm 215 Mobile Platform
  • Qualcomm Video Collaboration VC1 Platform
  • Qualcomm Video Collaboration VC3 Platform
  • Robotics RB3 Platform
  • SC8180X+SDX55
  • SD 455
  • SD 675
  • SD626
  • SD660
  • SD670
  • SD675
  • SD730
  • SD820
  • SD835
  • SD855
  • SD865 5G
  • SD888
  • SDM429W
  • SDX55
  • SDX57M
  • SG4150P
  • SG8275P
  • SM6250
  • SM6250P
  • SM7250P
  • SM7315
  • SM7325P
  • SM8550P
  • Smart Audio 200 Platform
  • Smart Audio 400 Platform
  • Smart Display 200 Platform (APQ5053-AA)
  • Snapdragon 1100 Wearable Platform
  • Snapdragon 1200 Wearable Platform
  • Snapdragon 208 Processor
  • Snapdragon 210 Processor
  • Snapdragon 212 Mobile Platform
  • Snapdragon 4 Gen 1 Mobile Platform
  • Snapdragon 425 Mobile Platform
  • Snapdragon 429 Mobile Platform
  • Snapdragon 430 Mobile Platform
  • Snapdragon 439 Mobile Platform
  • Snapdragon 460 Mobile Platform
  • Snapdragon 480 5G Mobile Platform
  • Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
  • Snapdragon 630 Mobile Platform
  • Snapdragon 636 Mobile Platform
  • Snapdragon 660 Mobile Platform
  • Snapdragon 662 Mobile Platform
  • Snapdragon 665 Mobile Platform
  • Snapdragon 670 Mobile Platform
  • Snapdragon 675 Mobile Platform
  • Snapdragon 678 Mobile Platform (SM6150-AC)
  • Snapdragon 680 4G Mobile Platform
  • Snapdragon 685 4G Mobile Platform (SM6225-AD)
  • Snapdragon 690 5G Mobile Platform
  • Snapdragon 695 5G Mobile Platform
  • Snapdragon 710 Mobile Platform
  • Snapdragon 712 Mobile Platform
  • Snapdragon 720G Mobile Platform
  • Snapdragon 730 Mobile Platform (SM7150-AA)
  • Snapdragon 730G Mobile Platform (SM7150-AB)
  • Snapdragon 732G Mobile Platform (SM7150-AC)
  • Snapdragon 750G 5G Mobile Platform
  • Snapdragon 765 5G Mobile Platform (SM7250-AA)
  • Snapdragon 765G 5G Mobile Platform (SM7250-AB)
  • Snapdragon 768G 5G Mobile Platform (SM7250-AC)
  • Snapdragon 778G 5G Mobile Platform
  • Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)
  • Snapdragon 780G 5G Mobile Platform
  • Snapdragon 782G Mobile Platform (SM7325-AF)
  • Snapdragon 7c Compute Platform (SC7180-AC)
  • Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro"
  • Snapdragon 7c+ Gen 3 Compute
  • Snapdragon 8 Gen 1 Mobile Platform
  • Snapdragon 8 Gen 2 Mobile Platform
  • Snapdragon 8+ Gen 1 Mobile Platform
  • Snapdragon 8+ Gen 2 Mobile Platform
  • Snapdragon 820 Automotive Platform
  • Snapdragon 835 Mobile PC Platform
  • Snapdragon 845 Mobile Platform
  • Snapdragon 850 Mobile Compute Platform
  • Snapdragon 855 Mobile Platform
  • Snapdragon 855+/860 Mobile Platform (SM8150-AC)
  • Snapdragon 865 5G Mobile Platform
  • Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
  • Snapdragon 870 5G Mobile Platform (SM8250-AC)
  • Snapdragon 888 5G Mobile Platform
  • Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
  • Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"
  • Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
  • Snapdragon 8cx Compute Platform (SC8180X-AA, AB)
  • Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"
  • Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"
  • Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)
  • Snapdragon Auto 5G Modem-RF
  • Snapdragon Auto 5G Modem-RF Gen 2
  • Snapdragon W5+ Gen 1 Wearable Platform
  • Snapdragon Wear 1300 Platform
  • Snapdragon Wear 2100 Platform
  • Snapdragon Wear 2500 Platform
  • Snapdragon Wear 3100 Platform
  • Snapdragon Wear 4100+ Platform
  • Snapdragon X12 LTE Modem
  • Snapdragon X24 LTE Modem
  • Snapdragon X5 LTE Modem
  • Snapdragon X50 5G Modem-RF System
  • Snapdragon X55 5G Modem-RF System
  • Snapdragon X65 5G Modem-RF System
  • Snapdragon X70 Modem-RF System
  • Snapdragon X75 5G Modem-RF System
  • Snapdragon XR1 Platform
  • Snapdragon XR2 5G Platform
  • Snapdragon Auto 4G Modem
  • SW5100
  • SW5100P
  • SXR1120
  • SXR2130
  • Vision Intelligence 100 Platform (APQ8053-AA)
  • Vision Intelligence 200 Platform (APQ8053-AC)
  • Vision Intelligence 300 Platform
  • Vision Intelligence 400 Platform
  • WCD9306
  • WCD9326
  • WCD9330
  • WCD9335
  • WCD9340
  • WCD9341
  • WCD9360
  • WCD9370
  • WCD9371
  • WCD9375
  • WCD9380
  • WCD9385
  • WCD9390
  • WCD9395
  • WCN3610
  • WCN3615
  • WCN3620
  • WCN3660B
  • WCN3680
  • WCN3680B
  • WCN3910
  • WCN3950
  • WCN3980
  • WCN3988
  • WCN3990
  • WCN6740
  • WSA8810
  • WSA8815
  • WSA8830
  • WSA8832
  • WSA8835
  • WSA8840
  • WSA8845
  • WSA8845H
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287 Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: CWE-287 Improper Authentication
Metrics
VersionBase scoreBase severityVector
3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
315_5g_iot_modem_firmware
CPEs
  • cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
9205_lte_modem_firmware
CPEs
  • cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
9206_lte_modem_firmware
CPEs
  • cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
9207_lte_modem_firmware
CPEs
  • cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
apq8017_firmware
CPEs
  • cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
apq8037_firmware
CPEs
  • cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
aqt1000_firmware
CPEs
  • cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
ar6003_firmware
CPEs
  • cpe:2.3:o:qualcomm:ar6003_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
ar8035_firmware
CPEs
  • cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
c-v2x_9150_firmware
CPEs
  • cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
csra6620_firmware
CPEs
  • cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
csra6640_firmware
CPEs
  • cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
csrb31024_firmware
CPEs
  • cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_6200_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_6700_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_6800_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_6900_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_7800_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm8207_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9205s_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9205s_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9230_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9230_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9250_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9330_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9330_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9615_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9628_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9630_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9630_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
mdm9640_firmware
CPEs
  • cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
msm8108_firmware
CPEs
  • cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
msm8209_firmware
CPEs
  • cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
msm8608_firmware
CPEs
  • cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
msm8909w_firmware
CPEs
  • cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
msm8996au_firmware
CPEs
  • cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca4004_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6174_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6174a_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6310_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6320_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6335_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6391_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6420_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6421_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6426_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6430_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6431_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6436_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6564a_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6564au_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6574_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6574a_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6574au_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6584_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6584au_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6595au_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6696_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca6698aq_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca8081_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca8337_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca9367_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qca9377_firmware
CPEs
  • cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcc710_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm2290_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm4290_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm4325_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm4490_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm5430_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm6125_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm6490_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm8550_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcn6024_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcn6224_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcn6274_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcn9024_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs2290_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs410_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs4290_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs4490_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs5430_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs610_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs6125_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs6490_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs8550_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qfw7114_firmware
CPEs
  • cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qfw7124_firmware
CPEs
  • cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qts110_firmware
CPEs
  • cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qualcomm_205_mobile_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:qualcomm_205_mobile_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qualcomm_215_mobile_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:qualcomm_215_mobile_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qualcomm_video_collaboration_vc1_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qualcomm_video_collaboration_vc3_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
robotics_rb3_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd_455_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd_675_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd626_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd660_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd670_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd675_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd730_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd820_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd835_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd855_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd865_5g_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sd888_firmware
CPEs
  • cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • *
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
x_transferred
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:03 Jun, 2024 | 10:15
Updated At:11 Aug, 2025 | 15:06

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>315_5g_iot_modem_firmware>>-
cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>315_5g_iot_modem>>-
cpe:2.3:h:qualcomm:315_5g_iot_modem:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9205_lte_modem_firmware>>-
cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9205_lte_modem>>-
cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9206_lte_modem_firmware>>-
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9206_lte_modem>>-
cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9207_lte_modem_firmware>>-
cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9207_lte_modem>>-
cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017_firmware>>-
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017>>-
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8037_firmware>>-
cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8037>>-
cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar6003_firmware>>-
cpe:2.3:o:qualcomm:ar6003_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar6003>>-
cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035_firmware>>-
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035>>-
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>c-v2x_9150_firmware>>-
cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>c-v2x_9150>>-
cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620_firmware>>-
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620>>-
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640_firmware>>-
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640>>-
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024_firmware>>-
cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024>>-
cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6200_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6200>>-
cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6700_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6700>>-
cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6800>>-
cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900>>-
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800>>-
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm8207_firmware>>-
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm8207>>-
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9205s_firmware>>-
cpe:2.3:o:qualcomm:mdm9205s_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9205s>>-
cpe:2.3:h:qualcomm:mdm9205s:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9230_firmware>>-
cpe:2.3:o:qualcomm:mdm9230_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9230>>-
cpe:2.3:h:qualcomm:mdm9230:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9250_firmware>>-
cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9250>>-
cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9330_firmware>>-
cpe:2.3:o:qualcomm:mdm9330_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9330>>-
cpe:2.3:h:qualcomm:mdm9330:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9615_firmware>>-
cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9615>>-
cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9628_firmware>>-
cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9628>>-
cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Secondaryproduct-security@qualcomm.com
CWE-287Primarynvd@nist.gov
CWE ID: CWE-287
Type: Secondary
Source: product-security@qualcomm.com
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.htmlproduct-security@qualcomm.com
Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
Source: product-security@qualcomm.com
Resource:
Vendor Advisory
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

210Records found
CVE-2021-23847
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 55.77%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 14:19
Updated-17 Sep, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Information Extraction Vulnerability

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-cpp7_firmwarecpp7.3_firmwarecpp7.3cpp7cpp6_firmwarecpp6CPP Firmware
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-39355
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.09% / 25.79%
||
7 Day CHG+0.01%
Published-26 Oct, 2022 | 00:00
Updated-23 Apr, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Discourse Patreon vulnerable to improper validation of email during Patreon authentication

Discourse Patreon enables syncronization between Discourse Groups and Patreon rewards. On sites with Patreon login enabled, an improper authentication vulnerability could be used to take control of a victim's forum account. This vulnerability is patched in commit number 846d012151514b35ce42a1636c7d70f6dcee879e of the discourse-patreon plugin. Out of an abundance of caution, any Discourse accounts which have logged in with an unverified-email Patreon account will be logged out and asked to verify their email address on their next login. As a workaround, disable the patreon integration and log out all users with associated Patreon accounts.

Action-Not Available
Vendor-Civilized Discourse Construction Kit, Inc.
Product-patreondiscourse-patreon
CWE ID-CWE-287
Improper Authentication
CVE-2023-22501
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-9.4||CRITICAL
EPSS-1.67% / 81.37%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 18:00
Updated-01 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances_._ With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into. Access to these tokens can be obtained in two cases: * If the attacker is included on Jira issues or requests with these users, or * If the attacker is forwarded or otherwise gains access to emails containing a “View Request” link from these users. Bot accounts are particularly susceptible to this scenario. On instances with single sign-on, external customer accounts can be affected in projects where anyone can create their own account.

Action-Not Available
Vendor-Atlassian
Product-jira_service_managementJira Service Management Data CenterJira Service Management Server
CWE ID-CWE-287
Improper Authentication
CVE-2022-3119
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.32%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 12:35
Updated-21 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication Bypass

The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing them to then be authenticated as admin if they know the correct email address

Action-Not Available
Vendor-oauth_client_single_sign_on_projectUnknown
Product-oauth_client_single_sign_onOAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2022-31164
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.49%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 13:35
Updated-23 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tovy before v0.7.51 vulnerable to users logging in as and impersonating other users

Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51.

Action-Not Available
Vendor-tovybloxtovyblox
Product-tovytovy
CWE ID-CWE-287
Improper Authentication
CVE-2024-8956
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.1||CRITICAL
EPSS-86.91% / 99.39%
||
7 Day CHG~0.00%
Published-17 Sep, 2024 | 19:59
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-11-25||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can leak sensitive data such as usernames, password hashes, and configurations details. Additionally, the attacker can update individual configuration values or overwrite the whole file.

Action-Not Available
Vendor-PTZOptics
Product-pt30x-ndi-xx-g2_firmwarept30x-sdi_firmwarept30x-ndi-xx-g2pt30x-sdiPT30X-NDIPT30X-SDIpt30x-ndi-xx-g2_firmwarept30x-sdi_firmwarePT30X-SDI/NDI Cameras
CWE ID-CWE-287
Improper Authentication
CVE-2021-29047
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.79%
||
7 Day CHG~0.00%
Published-16 May, 2021 | 15:29
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly perform actions protected by a CAPTCHA challenge by reusing the same CAPTCHA answer.

Action-Not Available
Vendor-n/aLiferay Inc.
Product-dxpliferay_portaln/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-4593
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.85%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 13:45
Updated-06 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RubyGem omniauth-facebook has an access token security vulnerability

Action-Not Available
Vendor-omniauth-facebook_projectomniauth-facebook
Product-omniauth-facebookomniauth-facebook
CWE ID-CWE-287
Improper Authentication
CVE-2020-7378
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-9.1||CRITICAL
EPSS-8.69% / 92.10%
||
7 Day CHG~0.00%
Published-24 Nov, 2020 | 16:35
Updated-16 Sep, 2024 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CRIXP OpenCRX Unverified Password Change

CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in version 5.0-20200904, released September 4, 2020.

Action-Not Available
Vendor-opencrxCRIXP
Product-opencrxOpenCRX
CWE ID-CWE-620
Unverified Password Change
CWE ID-CWE-287
Improper Authentication
CVE-2020-36176
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.83%
||
7 Day CHG~0.00%
Published-06 Jan, 2021 | 14:47
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs.

Action-Not Available
Vendor-n/aSolidWP (iThemes)
Product-ithemes_securityn/a
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found