CVE-2019-9506 - 漏洞详情

CVE-2019-9506 (CNNVD-201908-864)

HIGH

中文标题:

Bluetooth BR/EDR 加密问题漏洞

英文标题:

Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation

CVSS分数: 7.6

发布时间: 2019-08-14 16:27:45

漏洞类型: 加密问题

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

Bluetooth BR/EDR是一种蓝牙BR/EDR（基本速率/增强数据速率）标准。 Bluetooth BR/EDR 5.1及之前版本中存在加密问题漏洞。该漏洞源于网络系统或产品未正确使用相关密码算法，导致内容未正确加密、弱加密、明文存储敏感信息等。

英文描述:

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

CWE类型:

CWE-310 CWE-327

受影响产品

厂商	产品	版本	版本范围	平台	CPE
Bluetooth	BR/EDR	-	≤ 5.1	-	`cpe:2.3:a:bluetooth:br_edr::::::::`
google	android	-	-	-	`cpe:2.3:o:google:android:-:::::::*`
apple	iphone_os	12.4	-	-	`cpe:2.3:o:apple:iphone_os:12.4:::::::*`
apple	mac_os_x	10.12.6	-	-	`cpe:2.3:o:apple:mac_os_x:10.12.6:::::::*`
apple	mac_os_x	10.13.6	-	-	`cpe:2.3:o:apple:mac_os_x:10.13.6:::::::*`
apple	mac_os_x	10.14.5	-	-	`cpe:2.3:o:apple:mac_os_x:10.14.5:::::::*`
apple	tvos	12.4	-	-	`cpe:2.3:o:apple:tvos:12.4:::::::*`
apple	watchos	5.3	-	-	`cpe:2.3:o:apple:watchos:5.3:::::::*`
canonical	ubuntu_linux	16.04	-	-	`cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::`
canonical	ubuntu_linux	18.04	-	-	`cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::`
canonical	ubuntu_linux	19.04	-	-	`cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*`
debian	debian_linux	8.0	-	-	`cpe:2.3:o:debian:debian_linux:8.0:::::::*`
opensuse	leap	15.0	-	-	`cpe:2.3:o:opensuse:leap:15.0:::::::*`
opensuse	leap	15.1	-	-	`cpe:2.3:o:opensuse:leap:15.1:::::::*`
redhat	mrg_realtime	2.0	-	-	`cpe:2.3:a:redhat:mrg_realtime:2.0:::::::*`
redhat	virtualization_host_eus	4.2	-	-	`cpe:2.3:a:redhat:virtualization_host_eus:4.2:::::::*`
redhat	enterprise_linux	8.0	-	-	`cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*`
redhat	enterprise_linux_aus	7.5	-	-	`cpe:2.3:o:redhat:enterprise_linux_aus:7.5:::::::*`
redhat	enterprise_linux_eus	7.6	-	-	`cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*`
redhat	enterprise_linux_eus	7.7	-	-	`cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*`
redhat	enterprise_linux_eus	8.1	-	-	`cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*`
redhat	enterprise_linux_eus	8.2	-	-	`cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*`
redhat	enterprise_linux_eus	8.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*`
redhat	enterprise_linux_for_real_time	7	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:::::::*`
redhat	enterprise_linux_for_real_time	8	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:::::::*`
redhat	enterprise_linux_for_real_time_eus	8.2	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.2:::::::*`
redhat	enterprise_linux_for_real_time_eus	8.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.4:::::::*`
redhat	enterprise_linux_for_real_time_for_nfv	7	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:::::::*`
redhat	enterprise_linux_for_real_time_for_nfv	8	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:::::::*`
redhat	enterprise_linux_for_real_time_for_nfv_eus	8.2	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.2:::::::*`
redhat	enterprise_linux_for_real_time_for_nfv_eus	8.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.4:::::::*`
redhat	enterprise_linux_server	7.0	-	-	`cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*`
redhat	enterprise_linux_server_aus	7.3	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*`
redhat	enterprise_linux_server_aus	7.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*`
redhat	enterprise_linux_server_aus	7.6	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*`
redhat	enterprise_linux_server_aus	7.7	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*`
redhat	enterprise_linux_server_aus	8.2	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*`
redhat	enterprise_linux_server_aus	8.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*`
redhat	enterprise_linux_server_tus	7.3	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*`
redhat	enterprise_linux_server_tus	7.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*`
redhat	enterprise_linux_server_tus	7.6	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*`
redhat	enterprise_linux_server_tus	7.7	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*`
redhat	enterprise_linux_server_tus	8.2	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*`
redhat	enterprise_linux_server_tus	8.4	-	-	`cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*`
redhat	enterprise_linux_tus	7.6	-	-	`cpe:2.3:o:redhat:enterprise_linux_tus:7.6:::::::*`
huawei	alp-al00b_firmware	*	-	-	`cpe:2.3:o:huawei:alp-al00b_firmware::::::::`
huawei	ares-al00b_firmware	*	-	-	`cpe:2.3:o:huawei:ares-al00b_firmware::::::::`
huawei	ares-al10d_firmware	*	-	-	`cpe:2.3:o:huawei:ares-al10d_firmware::::::::`
huawei	ares-tl00c_firmware	*	-	-	`cpe:2.3:o:huawei:ares-tl00c_firmware::::::::`
huawei	asoka-al00ax_firmware	*	-	-	`cpe:2.3:o:huawei:asoka-al00ax_firmware::::::::`
huawei	atomu-l33_firmware	*	-	-	`cpe:2.3:o:huawei:atomu-l33_firmware::::::::`
huawei	atomu-l41_firmware	*	-	-	`cpe:2.3:o:huawei:atomu-l41_firmware::::::::`
huawei	atomu-l42_firmware	*	-	-	`cpe:2.3:o:huawei:atomu-l42_firmware::::::::`
huawei	bla-al00b_firmware	*	-	-	`cpe:2.3:o:huawei:bla-al00b_firmware::::::::`
huawei	bla-l29c_firmware	*	-	-	`cpe:2.3:o:huawei:bla-l29c_firmware::::::::`
huawei	bla-tl00b_firmware	*	-	-	`cpe:2.3:o:huawei:bla-tl00b_firmware::::::::`
huawei	barca-al00_firmware	*	-	-	`cpe:2.3:o:huawei:barca-al00_firmware::::::::`
huawei	berkeley-al20_firmware	*	-	-	`cpe:2.3:o:huawei:berkeley-al20_firmware::::::::`
huawei	berkeley-l09_firmware	*	-	-	`cpe:2.3:o:huawei:berkeley-l09_firmware::::::::`
huawei	berkeley-tl10_firmware	*	-	-	`cpe:2.3:o:huawei:berkeley-tl10_firmware::::::::`
huawei	cairogo-l22_firmware	*	-	-	`cpe:2.3:o:huawei:cairogo-l22_firmware::::::::`
huawei	charlotte-l29c_firmware	*	-	-	`cpe:2.3:o:huawei:charlotte-l29c_firmware::::::::`
huawei	columbia-al10b_firmware	*	-	-	`cpe:2.3:o:huawei:columbia-al10b_firmware::::::::`
huawei	columbia-al10i_firmware	*	-	-	`cpe:2.3:o:huawei:columbia-al10i_firmware::::::::`
huawei	columbia-l29d_firmware	*	-	-	`cpe:2.3:o:huawei:columbia-l29d_firmware::::::::`
huawei	columbia-tl00d_firmware	*	-	-	`cpe:2.3:o:huawei:columbia-tl00d_firmware::::::::`
huawei	cornell-al00a_firmware	*	-	-	`cpe:2.3:o:huawei:cornell-al00a_firmware::::::::`
huawei	cornell-al00i_firmware	*	-	-	`cpe:2.3:o:huawei:cornell-al00i_firmware::::::::`
huawei	cornell-al00ind_firmware	*	-	-	`cpe:2.3:o:huawei:cornell-al00ind_firmware::::::::`
huawei	cornell-al10ind_firmware	*	-	-	`cpe:2.3:o:huawei:cornell-al10ind_firmware::::::::`
huawei	cornell-l29a_firmware	*	-	-	`cpe:2.3:o:huawei:cornell-l29a_firmware::::::::`
huawei	cornell-tl10b_firmware	*	-	-	`cpe:2.3:o:huawei:cornell-tl10b_firmware::::::::`
huawei	dubai-al00a_firmware	*	-	-	`cpe:2.3:o:huawei:dubai-al00a_firmware::::::::`
huawei	dura-al00a_firmware	*	-	-	`cpe:2.3:o:huawei:dura-al00a_firmware::::::::`
huawei	dura-tl00a_firmware	*	-	-	`cpe:2.3:o:huawei:dura-tl00a_firmware::::::::`
huawei	emily-l29c_firmware	8.1.0.156\(c605\)	-	-	`cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\(c605\):::::::*`
huawei	ever-l29b_firmware	*	-	-	`cpe:2.3:o:huawei:ever-l29b_firmware::::::::`
huawei	figo-l23_firmware	*	-	-	`cpe:2.3:o:huawei:figo-l23_firmware::::::::`
huawei	figo-l31_firmware	8.0.0.122d\(c652\)	-	-	`cpe:2.3:o:huawei:figo-l31_firmware:8.0.0.122d\(c652\):::::::*`
huawei	figo-tl10b_firmware	*	-	-	`cpe:2.3:o:huawei:figo-tl10b_firmware::::::::`
huawei	florida-al20b_firmware	*	-	-	`cpe:2.3:o:huawei:florida-al20b_firmware::::::::`
huawei	florida-l21_firmware	*	-	-	`cpe:2.3:o:huawei:florida-l21_firmware::::::::`
huawei	florida-l22_firmware	*	-	-	`cpe:2.3:o:huawei:florida-l22_firmware::::::::`
huawei	florida-l23_firmware	*	-	-	`cpe:2.3:o:huawei:florida-l23_firmware::::::::`
huawei	florida-tl10b_firmware	*	-	-	`cpe:2.3:o:huawei:florida-tl10b_firmware::::::::`
huawei	honor_20_firmware	*	-	-	`cpe:2.3:o:huawei:honor_20_firmware::::::::`
huawei	honor_20_pro_firmware	*	-	-	`cpe:2.3:o:huawei:honor_20_pro_firmware::::::::`
huawei	mate_20_firmware	-	-	-	`cpe:2.3:o:huawei:mate_20_firmware:-:::::::*`
huawei	mate_20_pro_firmware	-	-	-	`cpe:2.3:o:huawei:mate_20_pro_firmware:-:::::::*`
huawei	mate_20_x_firmware	-	-	-	`cpe:2.3:o:huawei:mate_20_x_firmware:-:::::::*`
huawei	p_smart_firmware	-	-	-	`cpe:2.3:o:huawei:p_smart_firmware:-:::::::*`
huawei	p_smart_2019_firmware	-	-	-	`cpe:2.3:o:huawei:p_smart_2019_firmware:-:::::::*`
huawei	p20_firmware	-	-	-	`cpe:2.3:o:huawei:p20_firmware:-:::::::*`
huawei	p20_pro_firmware	-	-	-	`cpe:2.3:o:huawei:p20_pro_firmware:-:::::::*`
huawei	p30_firmware	-	-	-	`cpe:2.3:o:huawei:p30_firmware:-:::::::*`
huawei	p30_pro_firmware	-	-	-	`cpe:2.3:o:huawei:p30_pro_firmware:-:::::::*`
huawei	y5_2018_firmware	-	-	-	`cpe:2.3:o:huawei:y5_2018_firmware:-:::::::*`
huawei	y5_lite_firmware	-	-	-	`cpe:2.3:o:huawei:y5_lite_firmware:-:::::::*`
huawei	y6_2019_firmware	-	-	-	`cpe:2.3:o:huawei:y6_2019_firmware:-:::::::*`
huawei	y6_prime_2018_firmware	-	-	-	`cpe:2.3:o:huawei:y6_prime_2018_firmware:-:::::::*`
huawei	y6_pro_2019_firmware	-	-	-	`cpe:2.3:o:huawei:y6_pro_2019_firmware:-:::::::*`
huawei	y7_2019_firmware	-	-	-	`cpe:2.3:o:huawei:y7_2019_firmware:-:::::::*`
huawei	y9_2019_firmware	-	-	-	`cpe:2.3:o:huawei:y9_2019_firmware:-:::::::*`
huawei	nova_3_firmware	-	-	-	`cpe:2.3:o:huawei:nova_3_firmware:-:::::::*`
huawei	nova_4_firmware	-	-	-	`cpe:2.3:o:huawei:nova_4_firmware:-:::::::*`
huawei	nova_5_firmware	-	-	-	`cpe:2.3:o:huawei:nova_5_firmware:-:::::::*`
huawei	nova_5i_pro_firmware	-	-	-	`cpe:2.3:o:huawei:nova_5i_pro_firmware:-:::::::*`
huawei	nova_lite_3_firmware	-	-	-	`cpe:2.3:o:huawei:nova_lite_3_firmware:-:::::::*`
huawei	harry-al00c_firmware	-	-	-	`cpe:2.3:o:huawei:harry-al00c_firmware:-:::::::*`
huawei	harry-al10b_firmware	-	-	-	`cpe:2.3:o:huawei:harry-al10b_firmware:-:::::::*`
huawei	harry-tl00c_firmware	-	-	-	`cpe:2.3:o:huawei:harry-tl00c_firmware:-:::::::*`
huawei	hima-l29c_firmware	-	-	-	`cpe:2.3:o:huawei:hima-l29c_firmware:-:::::::*`
huawei	honor_10_lite_firmware	-	-	-	`cpe:2.3:o:huawei:honor_10_lite_firmware:-:::::::*`
huawei	honor_8a_firmware	-	-	-	`cpe:2.3:o:huawei:honor_8a_firmware:-:::::::*`
huawei	honor_8x_firmware	-	-	-	`cpe:2.3:o:huawei:honor_8x_firmware:-:::::::*`
huawei	honor_view_10_firmware	-	-	-	`cpe:2.3:o:huawei:honor_view_10_firmware:-:::::::*`
huawei	honor_view_20_firmware	-	-	-	`cpe:2.3:o:huawei:honor_view_20_firmware:-:::::::*`
huawei	jakarta-al00a_firmware	-	-	-	`cpe:2.3:o:huawei:jakarta-al00a_firmware:-:::::::*`
huawei	johnson-tl00d_firmware	-	-	-	`cpe:2.3:o:huawei:johnson-tl00d_firmware:-:::::::*`
huawei	johnson-tl00f_firmware	-	-	-	`cpe:2.3:o:huawei:johnson-tl00f_firmware:-:::::::*`
huawei	katyusha-al00a_firmware	-	-	-	`cpe:2.3:o:huawei:katyusha-al00a_firmware:-:::::::*`
huawei	laya-al00ep_firmware	-	-	-	`cpe:2.3:o:huawei:laya-al00ep_firmware:-:::::::*`
huawei	leland-l21a_firmware	-	-	-	`cpe:2.3:o:huawei:leland-l21a_firmware:-:::::::*`
huawei	leland-l31a_firmware	-	-	-	`cpe:2.3:o:huawei:leland-l31a_firmware:-:::::::*`
huawei	leland-l32a_firmware	-	-	-	`cpe:2.3:o:huawei:leland-l32a_firmware:-:::::::*`
huawei	leland-l32c_firmware	-	-	-	`cpe:2.3:o:huawei:leland-l32c_firmware:-:::::::*`
huawei	leland-l42a_firmware	-	-	-	`cpe:2.3:o:huawei:leland-l42a_firmware:-:::::::*`
huawei	leland-l42c_firmware	-	-	-	`cpe:2.3:o:huawei:leland-l42c_firmware:-:::::::*`
huawei	leland-tl10b_firmware	-	-	-	`cpe:2.3:o:huawei:leland-tl10b_firmware:-:::::::*`
huawei	leland-tl10c_firmware	-	-	-	`cpe:2.3:o:huawei:leland-tl10c_firmware:-:::::::*`
huawei	lelandp-al00c_firmware	-	-	-	`cpe:2.3:o:huawei:lelandp-al00c_firmware:-:::::::*`
huawei	lelandp-al10b_firmware	-	-	-	`cpe:2.3:o:huawei:lelandp-al10b_firmware:-:::::::*`
huawei	lelandp-al10d_firmware	-	-	-	`cpe:2.3:o:huawei:lelandp-al10d_firmware:-:::::::*`
huawei	lelandp-l22a_firmware	-	-	-	`cpe:2.3:o:huawei:lelandp-l22a_firmware:-:::::::*`
huawei	lelandp-l22c_firmware	-	-	-	`cpe:2.3:o:huawei:lelandp-l22c_firmware:-:::::::*`
huawei	lelandp-l22d_firmware	-	-	-	`cpe:2.3:o:huawei:lelandp-l22d_firmware:-:::::::*`
huawei	london-al40ind_firmware	-	-	-	`cpe:2.3:o:huawei:london-al40ind_firmware:-:::::::*`
huawei	madrid-al00a_firmware	-	-	-	`cpe:2.3:o:huawei:madrid-al00a_firmware:-:::::::*`
huawei	madrid-tl00a_firmware	-	-	-	`cpe:2.3:o:huawei:madrid-tl00a_firmware:-:::::::*`
huawei	neo-al00d_firmware	-	-	-	`cpe:2.3:o:huawei:neo-al00d_firmware:-:::::::*`
huawei	paris-al00ic_firmware	-	-	-	`cpe:2.3:o:huawei:paris-al00ic_firmware:-:::::::*`
huawei	paris-l21b_firmware	-	-	-	`cpe:2.3:o:huawei:paris-l21b_firmware:-:::::::*`
huawei	paris-l21meb_firmware	-	-	-	`cpe:2.3:o:huawei:paris-l21meb_firmware:-:::::::*`
huawei	paris-l29b_firmware	-	-	-	`cpe:2.3:o:huawei:paris-l29b_firmware:-:::::::*`
huawei	potter-al00c_firmware	-	-	-	`cpe:2.3:o:huawei:potter-al00c_firmware:-:::::::*`
huawei	potter-al10a_firmware	-	-	-	`cpe:2.3:o:huawei:potter-al10a_firmware:-:::::::*`
huawei	princeton-al10b_firmware	-	-	-	`cpe:2.3:o:huawei:princeton-al10b_firmware:-:::::::*`
huawei	princeton-al10d_firmware	-	-	-	`cpe:2.3:o:huawei:princeton-al10d_firmware:-:::::::*`
huawei	princeton-tl10c_firmware	-	-	-	`cpe:2.3:o:huawei:princeton-tl10c_firmware:-:::::::*`
huawei	sydney-al00_firmware	-	-	-	`cpe:2.3:o:huawei:sydney-al00_firmware:-:::::::*`
huawei	sydney-l21_firmware	-	-	-	`cpe:2.3:o:huawei:sydney-l21_firmware:-:::::::*`
huawei	sydney-l21br_firmware	-	-	-	`cpe:2.3:o:huawei:sydney-l21br_firmware:-:::::::*`
huawei	sydney-l22_firmware	-	-	-	`cpe:2.3:o:huawei:sydney-l22_firmware:-:::::::*`
huawei	sydney-l22br_firmware	-	-	-	`cpe:2.3:o:huawei:sydney-l22br_firmware:-:::::::*`
huawei	sydney-tl00_firmware	-	-	-	`cpe:2.3:o:huawei:sydney-tl00_firmware:-:::::::*`
huawei	sydneym-al00_firmware	-	-	-	`cpe:2.3:o:huawei:sydneym-al00_firmware:-:::::::*`
huawei	sydneym-l01_firmware	-	-	-	`cpe:2.3:o:huawei:sydneym-l01_firmware:-:::::::*`
huawei	sydneym-l03_firmware	-	-	-	`cpe:2.3:o:huawei:sydneym-l03_firmware:-:::::::*`
huawei	sydneym-l21_firmware	-	-	-	`cpe:2.3:o:huawei:sydneym-l21_firmware:-:::::::*`
huawei	sydneym-l22_firmware	-	-	-	`cpe:2.3:o:huawei:sydneym-l22_firmware:-:::::::*`
huawei	sydneym-l23_firmware	-	-	-	`cpe:2.3:o:huawei:sydneym-l23_firmware:-:::::::*`
huawei	tony-al00b_firmware	-	-	-	`cpe:2.3:o:huawei:tony-al00b_firmware:-:::::::*`
huawei	tony-tl00b_firmware	-	-	-	`cpe:2.3:o:huawei:tony-tl00b_firmware:-:::::::*`
huawei	yale-al00a_firmware	-	-	-	`cpe:2.3:o:huawei:yale-al00a_firmware:-:::::::*`
huawei	yale-al50a_firmware	-	-	-	`cpe:2.3:o:huawei:yale-al50a_firmware:-:::::::*`
huawei	yale-l21a_firmware	-	-	-	`cpe:2.3:o:huawei:yale-l21a_firmware:-:::::::*`
huawei	yale-l61c_firmware	-	-	-	`cpe:2.3:o:huawei:yale-l61c_firmware:-:::::::*`
huawei	yale-tl00b_firmware	-	-	-	`cpe:2.3:o:huawei:yale-tl00b_firmware:-:::::::*`
huawei	yalep-al10b_firmware	-	-	-	`cpe:2.3:o:huawei:yalep-al10b_firmware:-:::::::*`
huawei	imanager_neteco_firmware	-	-	-	`cpe:2.3:o:huawei:imanager_neteco_firmware:-:::::::*`
huawei	imanager_neteco_6000_firmware	-	-	-	`cpe:2.3:o:huawei:imanager_neteco_6000_firmware:-:::::::*`
huawei	emily-l29c_firmware	*	-	-	`cpe:2.3:o:huawei:emily-l29c_firmware::::::::`
huawei	figo-l31_firmware	*	-	-	`cpe:2.3:o:huawei:figo-l31_firmware::::::::`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

VU#918987 third-party-advisory
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3 mailing-list
cve.org

访问

20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra mailing-list
cve.org

访问

20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4 mailing-list
cve.org

访问

20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4 mailing-list
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

USN-4115-1 vendor-advisory
cve.org

访问

USN-4118-1 vendor-advisory
cve.org

访问

[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update mailing-list
cve.org

访问

[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update mailing-list
cve.org

访问

[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update mailing-list
cve.org

访问

USN-4147-1 vendor-advisory
cve.org

访问

RHSA-2019:2975 vendor-advisory
cve.org

访问

openSUSE-SU-2019:2307 vendor-advisory
cve.org

访问

openSUSE-SU-2019:2308 vendor-advisory
cve.org

访问

RHSA-2019:3076 vendor-advisory
cve.org

访问

RHSA-2019:3055 vendor-advisory
cve.org

访问

RHSA-2019:3089 vendor-advisory
cve.org

访问

RHSA-2019:3187 vendor-advisory
cve.org

访问

RHSA-2019:3165 vendor-advisory
cve.org

访问

RHSA-2019:3217 vendor-advisory
cve.org

访问

RHSA-2019:3220 vendor-advisory
cve.org

访问

RHSA-2019:3231 vendor-advisory
cve.org

访问

RHSA-2019:3218 vendor-advisory
cve.org

访问

RHSA-2019:3309 vendor-advisory
cve.org

访问

RHSA-2019:3517 vendor-advisory
cve.org

访问

RHSA-2020:0204 vendor-advisory
cve.org

访问

CVSS评分详情

3.0 (cna)

HIGH

7.6

CVSS向量: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

机密性

HIGH

完整性

LOW

可用性

LOW

时间信息

发布时间:

2019-08-14 16:27:45

修改时间:

2024-09-16 19:14:13

创建时间:

2025-11-11 15:35:53

更新时间:

2025-11-11 15:54:52

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2019-9506`	2025-11-11 15:20:17	2025-11-11 07:35:53
NVD	`nvd_CVE-2019-9506`	2025-11-11 14:56:25	2025-11-11 07:44:22
CNNVD	`cnnvd_CNNVD-201908-864`	2025-11-11 15:10:15	2025-11-11 07:54:52

版本与语言

当前版本: v3

主要语言: EN

支持语言:

EN ZH

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2025-11-11 15:54:52

vulnerability_type: 未提取 → 加密问题; cnnvd_id: 未提取 → CNNVD-201908-864; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 加密问题
cnnvd_id: 未提取 -> CNNVD-201908-864
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:44:22

affected_products_count: 1 → 173; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

affected_products_count: 1 -> 173
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2019-9506 (CNNVD-201908-864)

中文标题:

Bluetooth BR/EDR 加密问题漏洞

英文标题:

Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

3.0 (cna)

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史