CVE-2023-40104

In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad	Mailing List Patch
https://source.android.com/security/bulletin/2023-11-01	Patch Vendor Advisory
https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad	Mailing List Patch
https://source.android.com/security/bulletin/2023-11-01	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:google:android:11.0:::::::*
	cpe:2.3:o:google:android:12.0:::::::*
	cpe:2.3:o:google:android:12.1:::::::*
	cpe:2.3:o:google:android:13.0:::::::*

History

16 Dec 2024, 19:33

Type	Values Removed	Values Added
CPE		cpe:2.3:o:google:android:13.0:::::::* cpe:2.3:o:google:android:12.1:::::::* cpe:2.3:o:google:android:12.0:::::::* cpe:2.3:o:google:android:11.0:::::::*
First Time		Google android Google
References	~~() https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad -~~	() https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad - Mailing List, Patch
References	~~() https://source.android.com/security/bulletin/2023-11-01 -~~	() https://source.android.com/security/bulletin/2023-11-01 - Patch, Vendor Advisory

Information

Published : 2024-02-15 23:15

Updated : 2024-12-16 19:33

NVD link : CVE-2023-40104

Mitre link : CVE-2023-40104

CVE.ORG link : CVE-2023-40104

JSON object : View

Products Affected

google

android

CWE

CWE-295

Improper Certificate Validation

{"id": "CVE-2023-40104", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-02-15T23:15:08.017", "references": [{"url": "https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad", "tags": ["Mailing List", "Patch"], "source": "security@android.com"}, {"url": "https://source.android.com/security/bulletin/2023-11-01", "tags": ["Patch", "Vendor Advisory"], "source": "security@android.com"}, {"url": "https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad", "tags": ["Mailing List", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://source.android.com/security/bulletin/2023-11-01", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."}, {"lang": "es", "value": "En los certificados ca, existe una forma posible de leer datos TLS cifrados debido a certificados criptogr\u00e1ficos que no son de confianza. Esto podr\u00eda conducir a la divulgaci\u00f3n remota de informaci\u00f3n sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."}], "lastModified": "2024-12-16T19:33:26.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"}, {"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"}, {"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"}], "operator": "OR"}]}], "sourceIdentifier": "security@android.com"}