{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-31310", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2023-04-27T15:25:41.422Z", "datePublished": "2024-08-13T16:54:05.783Z", "dateUpdated": "2024-10-31T14:14:29.589Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "AMD Radeon\u2122 RX 6000 Series Graphics Cards", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)"}]}, {"defaultStatus": "affected", "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Cards", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "AMD Software: PRO Edition 23.Q4 (23.30.13.03)"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the \"set temperature input selection\" command, potentially resulting in a loss of integrity and/or availability."}], "value": "Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the \"set temperature input selection\" command, potentially resulting in a loss of integrity and/or availability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2024-08-13T16:54:05.783Z"}, "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-1284", "lang": "en", "description": "CWE-1284 Improper Validation of Specified Quantity in Input"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-14T16:05:51.418481Z", "id": "CVE-2023-31310", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-31T14:14:29.589Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-31310", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-14T16:05:51.418481Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T16:20:47.876Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AMD", "product": "AMD Radeon\u2122 RX 6000 Series Graphics Cards", "versions": [{"status": "unaffected", "version": "AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Cards", "versions": [{"status": "unaffected", "version": "AMD Software: PRO Edition 23.Q4 (23.30.13.03)"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the \"set temperature input selection\" command, potentially resulting in a loss of integrity and/or availability.", "supportingMedia": [{"type": "text/html", "value": "Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the \"set temperature input selection\" command, potentially resulting in a loss of integrity and/or availability.", "base64": false}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2024-08-13T16:54:05.783Z"}}}, "cveMetadata": {"cveId": "CVE-2023-31310", "state": "PUBLISHED", "dateUpdated": "2024-10-31T14:14:29.589Z", "dateReserved": "2023-04-27T15:25:41.422Z", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "datePublished": "2024-08-13T16:54:05.783Z", "assignerShortName": "AMD"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the \"set temperature input selection\" command, potentially resulting in a loss of integrity and/or availability."}, {"lang": "es", "value": "Una validaci\u00f3n de entrada incorrecta en el firmware de administraci\u00f3n de energ\u00eda (PMFW) puede permitir que un atacante con privilegios env\u00ede una entrada con formato incorrecto para el comando \"establecer selecci\u00f3n de entrada de temperatura\", lo que podr\u00eda provocar una p\u00e9rdida de integridad y/o disponibilidad."}], "id": "CVE-2023-31310", "lastModified": "2024-10-31T15:35:04.980", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.7, "source": "psirt@amd.com", "type": "Secondary"}]}, "published": "2024-08-13T17:15:20.683", "references": [{"source": "psirt@amd.com", "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}