CVE-2020-0556
- Source
- https://cve.org/CVERecord?id=CVE-2020-0556
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-0556.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-0556
- Downstream
- Related
- Published
- 2020-03-12T21:15:14.157Z
- Modified
- 2026-05-28T04:05:12.457404871Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
- Summary
- [none]
- Details
-
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "16.04" }, { "last_affected": "18.04" }, { "last_affected": "19.10" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" ], "vendor_product": "canonical:ubuntu_linux" }, { "extracted_events": [ { "last_affected": "8.0" }, { "last_affected": "9.0" }, { "last_affected": "10.0" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" ], "vendor_product": "debian:debian_linux" }, { "source": "CPE_STRING", "extracted_events": [ { "last_affected": "15.1" }, { "last_affected": "15.2" } ], "cpes": [ "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" ], "vendor_product": "opensuse:leap" } ] }- References
-
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html
- https://security.gentoo.org/glsa/202003-49
- https://usn.ubuntu.com/4311-1/
- https://www.debian.org/security/2020/dsa-4647
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html
Affected packages
Git / github.com/bluez/bluez
Affected versions
4.*
4.0
4.1
4.10
4.100
4.101
4.11
4.12
4.13
4.14
4.15
4.16
4.17
4.18
4.19
4.2
4.20
4.21
4.22
4.23
4.24
4.25
4.26
4.27
4.28
4.29
4.30
4.31
4.32
4.33
4.34
4.35
4.36
4.37
4.38
4.39
4.40
4.41
4.42
4.43
4.44
4.45
4.46
4.47
4.48
4.49
4.5
4.50
4.51
4.52
4.53
4.54
4.55
4.56
4.57
4.58
4.59
4.6
4.60
4.61
4.62
4.63
4.64
4.65
4.66
4.67
4.68
4.69
4.7
4.70
4.71
4.72
4.73
4.74
4.75
4.76
4.77
4.78
4.79
4.8
4.80
4.81
4.82
4.83
4.84
4.85
4.86
4.87
4.88
4.89
4.9
4.90
4.91
4.92
4.93
4.94
4.95
4.96
4.97
4.98
4.99
5.*
5.0
5.1
5.10
5.11
5.12
5.13
5.14
5.15
5.16
5.17
5.18
5.19
5.2
5.20
5.21
5.22
5.23
5.24
5.25
5.26
5.27
5.28
5.29
5.3
5.30
5.31
5.32
5.33
5.34
5.35
5.36
5.37
5.38
5.39
5.4
5.40
5.41
5.42
5.43
5.44
5.45
5.46
5.47
5.48
5.49
5.5
5.50
5.51
5.52
5.53
5.6
5.7
5.8
5.9