We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-31280

Exposure of Sensitive Information to an Unauthorized Actor



Description

An AirVantage online Warranty Checker tool vulnerability could allow an attacker to perform bulk enumeration of IMEI and Serial Numbers pairs. The AirVantage Warranty Checker is updated to no longer return the IMEI and Serial Number in addition to the warranty status when the Serial Number or IMEI is used to look up warranty status.

Reserved 2023-04-26 | Published 2024-12-20 | Updated 2024-12-24 | Assigner SWI


MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unaffected

All Sierra Wireless devices.
affected

References

source.sierrawireless.com/...al-bulletin---swi-psa-2023-002/

cve.org (CVE-2023-31280)

nvd.nist.gov (CVE-2023-31280)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-31280

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.