Products
Qualcomm products
Source
product-security@qualcomm.com
Tags
CVE-2024-21466 details
Published : July 1, 2024, 3:15 p.m.
Last Modified : July 1, 2024, 4:37 p.m.
Last Modified : July 1, 2024, 4:37 p.m.
Description
Information disclosure while parsing sub-IE length during new IE generation.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6.5 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-191 | Integer Underflow (Wrap or Wraparound) | The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result. |
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
Base Score
6.5
Exploitability Score
3.9
Impact Score
2.5
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
References
| URL | Source |
|---|---|
| https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html | product-security@qualcomm.com |
This website uses the NVD API, but is not approved or certified by it.