CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:43

Type	Values Removed	Values Added
References	~~() https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin - Patch, Vendor Advisory~~	() https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin - Patch, Vendor Advisory

12 Apr 2024, 17:16

Type	Values Removed	Values Added
Summary		(es) Revelación de información en Bluetooth cuando se recibe un paquete GATT debido a una validación de entrada incorrecta.

10 Aug 2023, 15:49

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6851:-:::::::* cpe:2.3:o:qualcomm:qcn9074_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8155p_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:h:qualcomm:sdxr2_5g:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3680b:-:::::::* cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn7851:-:::::::* cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:::::::* cpe:2.3:h:qualcomm:sw5100p:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6145p_firmware:-:::::::* cpe:2.3:o:qualcomm:sw5100p_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:h:qualcomm:wcn3988:-:::::::* cpe:2.3:o:qualcomm:qca6426_firmware:-:::::::* cpe:2.3:h:qualcomm:qcn9074:-:::::::* cpe:2.3:o:qualcomm:sw5100_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6851_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6390_firmware:-:::::::* cpe:2.3:o:qualcomm:sd865_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:h:qualcomm:sa6145p:-:::::::* cpe:2.3:o:qualcomm:wcn3950_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx55m:-:::::::* cpe:2.3:h:qualcomm:qcs410:-:::::::* cpe:2.3:h:qualcomm:qca6436:-:::::::* cpe:2.3:h:qualcomm:wcn3950:-:::::::* cpe:2.3:h:qualcomm:qca6426:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6150p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6850:-:::::::* cpe:2.3:o:qualcomm:qcc5100_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn7850:-:::::::* cpe:2.3:o:qualcomm:wcn6850_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:h:qualcomm:wcn6856:-:::::::* cpe:2.3:o:qualcomm:qca6436_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:sa6150p:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs410_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6855:-:::::::* cpe:2.3:o:qualcomm:sa8150p_firmware:-:::::::* cpe:2.3:h:qualcomm:qcs610:-:::::::* cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6390:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:h:qualcomm:sa8195p:-:::::::* cpe:2.3:o:qualcomm:sa8195p_firmware:-:::::::* cpe:2.3:h:qualcomm:sd865_5g:-:::::::* cpe:2.3:h:qualcomm:qcc5100:-:::::::* cpe:2.3:o:qualcomm:sa8145p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6155p:-:::::::* cpe:2.3:h:qualcomm:sa8145p:-:::::::* cpe:2.3:o:qualcomm:wcn3680b_firmware:-:::::::* cpe:2.3:h:qualcomm:sw5100:-:::::::* cpe:2.3:h:qualcomm:sa8150p:-:::::::* cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::* cpe:2.3:o:qualcomm:sdx55m_firmware:-:::::::* cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs610_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:o:qualcomm:sd870_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6391:-:::::::* cpe:2.3:h:qualcomm:sd870:-:::::::* cpe:2.3:h:qualcomm:sa8155p:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::*
References	~~(MISC) https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin -~~	(MISC) https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin - Patch, Vendor Advisory
CWE		CWE-20

08 Aug 2023, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-08 10:15

Updated : 2024-11-21 07:43

NVD link : CVE-2023-21647

Mitre link : CVE-2023-21647

CVE.ORG link : CVE-2023-21647

JSON object : View

Products Affected

qualcomm

qcs610_firmware
qcs610
qca6696
sw5100p
wsa8835
sa8145p_firmware
sa6150p
sw5100p_firmware
wcn7850_firmware
wcn3660b
qcs410
wcd9341
sd865_5g
wcd9380_firmware
sa6145p_firmware
sa8150p_firmware
wcn6855
sa8150p
wcn3680b
sdx55m_firmware
sa6155p
sa8195p_firmware
wsa8830_firmware
wsa8815
wcn3988_firmware
qcc5100
qca6595au_firmware
wcn3950
sa8155p_firmware
wcn7851
qca6391_firmware
qca6574au_firmware
sdxr2_5g_firmware
sw5100
wsa8835_firmware
sd870
sa8145p
wcn3680b_firmware
wcn3988
qcn9074
sdx55m
wcd9380
qca6595au
sa6145p
wcd9370_firmware
sa6150p_firmware
qca6696_firmware
sd_8_gen1_5g_firmware
qcn9074_firmware
qca6574au
wsa8810_firmware
sa8155p
wcn3660b_firmware
qca6391
qca6436
qca6426_firmware
sa8195p
qcs410_firmware
wcn6851
wcn6851_firmware
sw5100_firmware
wcn6855_firmware
wcn3980
wsa8810
wcn3950_firmware
qca6390_firmware
qca6426
wsa8815_firmware
sd865_5g_firmware
wcd9370
wcn3980_firmware
wsa8830
sa6155p_firmware
wcn7851_firmware
wcn6850
qca6436_firmware
sd870_firmware
wcn7850
wcn6856_firmware
qcc5100_firmware
wcn6856
sdxr2_5g
qca6390
wcn6850_firmware
wcd9341_firmware
sd_8_gen1_5g

CWE

CWE-20

Improper Input Validation

6.5 /10