8.8
CVE-2016-7830
- EPSS 0.46%
- Veröffentlicht 09.06.2017 16:29:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginSony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sony ≫ Pcs-xg100 Firmware Version1.50
Sony ≫ Pcs-xg100 Firmware Version1.42
Sony ≫ Pcs-xg77 Firmware Version1.42
Sony ≫ Pcs-xc1 Firmware Version <= 1.21
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.46% | 0.615 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5.8 | 6.5 | 6.4 |
AV:A/AC:L/Au:N/C:P/I:P/A:P
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.