5.3
CVE-2019-18831
- EPSS 0.57%
- Veröffentlicht 16.12.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Barco ≫ Clickshare Cs-100 Firmware Version < 1.9.0
Barco ≫ Clickshare Cse-200 Firmware Version < 1.9.0
Barco ≫ Clickshare Cse-200+ Firmware Version < 1.9.0
Barco ≫ Clickshare Cse-800 Firmware Version < 1.9.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.57% | 0.424 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 1.6 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:P/I:N/A:N
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.
https://www.barco.com/en/clickshare/firmware-update
https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/
https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007
https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007
https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007
https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007