An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106966 | Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2019-03-06T00:00:00
Updated: 2019-03-06T10:57:01
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-0729
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-05T23:29:02.740
Modified: 2021-07-21T11:39:23.747
Link: CVE-2019-0729
JSON object: View
Redhat Information
No data.
CWE