CVE-2023-51712
- Source
- https://cve.org/CVERecord?id=CVE-2023-51712
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51712.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-51712
- Withdrawn
- 2025-01-15T01:47:35.763265Z
- Published
- 2024-09-05T16:15:06Z
- Modified
- 2024-12-05T07:51:09.835517Z
- Severity
-
- 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.
- References
Affected packages
Git / git.trustedfirmware.org/TF-M/trusted-firmware-m.git
Affected ranges
- Type
- GIT
- Repo
- https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected9ca8a5eb3c85eecee1303dffa262800ea0385584
Affected versions
TF-Mv1.*
TF-Mv1.0
TF-Mv1.0-RC1
TF-Mv1.0-RC2
TF-Mv1.0-RC3
TF-Mv1.1
TF-Mv1.1-RC1
TF-Mv1.1-RC2
TF-Mv1.2-RC1
TF-Mv1.2-RC2
TF-Mv1.2-RC3
TF-Mv1.2.0
TF-Mv1.3.0
TF-Mv1.3.0-RC1
TF-Mv1.3.0-RC2
TF-Mv1.3.0-RC3
TF-Mv1.4.0
TF-Mv1.4.0-RC1
TF-Mv1.4.0-RC2
TF-Mv1.4.0-RC3
TF-Mv1.5.0
TF-Mv1.5.0-RC1
TF-Mv1.5.0-RC2
TF-Mv1.6.0
TF-Mv1.6.0-RC1
TF-Mv1.6.0-RC2
TF-Mv1.6.0-RC3
TF-Mv1.6.0-RC4
TF-Mv1.6.1
TF-Mv1.7.0
TF-Mv1.7.0-RC1
TF-Mv1.7.0-RC2
TF-Mv1.7.0-RC3
TF-Mv1.8.0
TF-Mv1.8.0-RC1
TF-Mv1.8.0-RC2
TF-Mv1.8.1
TF-Mv2.*
TF-Mv2.0.0
TF-Mv2.0.0-RC1
TF-Mv2.0.0-RC2
v1.*
v1.0-beta