CVE-2019-3934
Vulnerability from cvelistv5
Published
2019-04-30 20:34
Modified
2024-08-04 19:26
Severity ?
Summary
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code.
References
vulnreport@tenable.comhttps://www.tenable.com/security/research/tra-2019-20Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/research/tra-2019-20Exploit, Third Party Advisory
Impacted products
Vendor Product Version
Crestron Crestron AirMedia Version: AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:26:27.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2019-20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Crestron AirMedia",
          "vendor": "Crestron",
          "versions": [
            {
              "status": "affected",
              "version": "AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-30T20:34:03",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2019-20"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnreport@tenable.com",
          "ID": "CVE-2019-3934",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Crestron AirMedia",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Crestron"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284 Improper Access Control"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2019-20",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2019-20"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2019-3934",
    "datePublished": "2019-04-30T20:34:03",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-08-04T19:26:27.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-3934\",\"sourceIdentifier\":\"vulnreport@tenable.com\",\"published\":\"2019-04-30T21:29:01.010\",\"lastModified\":\"2024-11-21T04:42:53.760\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code.\"},{\"lang\":\"es\",\"value\":\"Crestron AM-100 con firmware versi\u00f3n 1.6.0.2 y AM-101 con firmware versi\u00f3n 2.7.0.2 permite que cualquiera pueda omitir el c\u00f3digo de presentaci\u00f3n enviando una petici\u00f3n HTTP POST creada para el archivo login.cgi. Un atacante remoto no identificado puede usar esta vulnerabilidad para descargar la imagen de diapositiva actual sin conocer el c\u00f3digo de acceso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"vulnreport@tenable.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-425\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"913135BE-8FB4-40BA-85D8-AD0F824493C3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"081E2B1B-027D-4846-8C61-54CE2D668CD0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AC584E7-9159-48E8-B499-F5CA68663503\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0\"}]}]}],\"references\":[{\"url\":\"https://www.tenable.com/security/research/tra-2019-20\",\"source\":\"vulnreport@tenable.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/research/tra-2019-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.