ByteOS Network

NVD Vulnerability Details :

CVE-2017-5731

Analyzed

Source-secure@intel.com

Published At-28 Oct, 2019 | 15:15

Updated At-18 Nov, 2019 | 17:38

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

tianocore>>edk2>>Versions before 2017-11-07(exclusive)

cpe:2.3:a:tianocore:edk2:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://bugzilla.tianocore.org/show_bug.cgi?id=686	secure@intel.com	Issue Tracking Patch Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History