CVE-2023-51712

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-51712
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51712.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-51712
Published
2024-09-05T16:15:06Z
Modified
2024-09-06T01:50:33.794086Z
Summary
[none]
Details

An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.

References

Affected packages

Git / git.trustedfirmware.org/TF-M/trusted-firmware-m.git

Affected ranges

Type
GIT
Repo
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9ca8a5eb3c85eecee1303dffa262800ea0385584

Affected versions

TF-Mv1.*

TF-Mv1.0
TF-Mv1.0-RC1
TF-Mv1.0-RC2
TF-Mv1.0-RC3
TF-Mv1.1
TF-Mv1.1-RC1
TF-Mv1.1-RC2
TF-Mv1.2-RC1
TF-Mv1.2-RC2
TF-Mv1.2-RC3
TF-Mv1.2.0
TF-Mv1.3.0
TF-Mv1.3.0-RC1
TF-Mv1.3.0-RC2
TF-Mv1.3.0-RC3
TF-Mv1.4.0
TF-Mv1.4.0-RC1
TF-Mv1.4.0-RC2
TF-Mv1.4.0-RC3
TF-Mv1.5.0
TF-Mv1.5.0-RC1
TF-Mv1.5.0-RC2
TF-Mv1.6.0
TF-Mv1.6.0-RC1
TF-Mv1.6.0-RC2
TF-Mv1.6.0-RC3
TF-Mv1.6.0-RC4
TF-Mv1.6.1
TF-Mv1.7.0
TF-Mv1.7.0-RC1
TF-Mv1.7.0-RC2
TF-Mv1.7.0-RC3
TF-Mv1.8.0
TF-Mv1.8.0-RC1
TF-Mv1.8.0-RC2
TF-Mv1.8.1

TF-Mv2.*

TF-Mv2.0.0
TF-Mv2.0.0-RC1
TF-Mv2.0.0-RC2

v1.*

v1.0-beta