{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-32701","assignerOrgId":"dbe78b00-5e7b-4fda-8748-329789ecfc5c","state":"PUBLISHED","assignerShortName":"blackberry","dateReserved":"2023-05-11T20:52:48.323Z","datePublished":"2023-11-14T18:33:59.148Z","dateUpdated":"2025-09-09T15:06:29.621Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["Networking Stack"],"product":"QNX Software Development Platform (SDP)","vendor":"BlackBerry","versions":[{"lessThanOrEqual":"7.1","status":"affected","version":"6.6.0","versionType":"custom"}]}],"datePublic":"2023-11-14T18:01:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition. <p></p>"}],"value":"Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition."}],"impacts":[{"capecId":"CAPEC-549","descriptions":[{"lang":"en","value":"CAPEC-549 Local Execution of Code"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1288","description":"CWE-1288 Improper Validation of Consistency within Input","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"dbe78b00-5e7b-4fda-8748-329789ecfc5c","shortName":"blackberry","dateUpdated":"2025-09-09T15:06:29.621Z"},"references":[{"url":"https://support.blackberry.com/kb/articleDetail?articleNumber=000112401"}],"source":{"discovery":"UNKNOWN"},"title":"Vulnerability in Networking Stack Impacts QNX Software Development Platform (SDP)","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T15:25:36.816Z"},"title":"CVE Program Container","references":[{"url":"https://support.blackberry.com/kb/articleDetail?articleNumber=000112401","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-08-30T18:05:38.851186Z","id":"CVE-2023-32701","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-30T18:05:56.808Z"}}]}}