CVE-2019-0729

CVE Database · CVE-2019-0729

CVE-2019-0729

· N/AModified

CVSS v3.1

N/A

EPSS

3.13%

Published

Mar 5, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.

Weaknesses (CWE)

CWE-330

Affected Products (1)

microsoft · java_software_development_kitvulnerable

References (4)

http://www.securityfocus.com/bid/106966

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729

PatchVendor Advisory

http://www.securityfocus.com/bid/106966

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs