CVE-2020-26557 - log back

CVE-2020-26557 edited at 26 May 2021 19:59:01
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Private key recovery
Description
+ Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1960009
+ https://kb.cert.org/vuls/id/799380
+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/
CVE-2020-26557 created at 26 May 2021 19:55:42
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes