A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Metrics
Affected Vendors & Products
References
History
Thu, 17 Oct 2024 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. | A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. |
Mon, 30 Sep 2024 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ailux
Ailux imx6 Bundle |
|
Weaknesses | CWE-693 | |
CPEs | cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ailux
Ailux imx6 Bundle |
|
Metrics |
ssvc
|
Mon, 30 Sep 2024 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. | A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. |
Weaknesses | CWE-184 |
MITRE
Status: PUBLISHED
Assigner: Nozomi
Published: 2024-03-05T11:27:46.837Z
Updated: 2024-10-17T09:24:36.331Z
Reserved: 2023-10-09T08:26:54.316Z
Link: CVE-2023-45593
Vulnrichment
Updated: 2024-08-02T20:21:16.687Z
NVD
Status : Awaiting Analysis
Published: 2024-03-05T12:15:46.213
Modified: 2024-11-21T08:27:01.460
Link: CVE-2023-45593
Redhat
No data.