CVE-2016-4863 - OpenCVE

The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Toshiba	Flashair

Configuration 1 [-]

OR	cpe:2.3:a:toshiba:flashair::::::::
	cpe:2.3:a:toshiba:flashair::::::::
	cpe:2.3:a:toshiba:flashair::::::::
	cpe:2.3:a:toshiba:flashair::::::::
	cpe:2.3:a:toshiba:flashair::::::::
	cpe:2.3:a:toshiba:flashair::::::::
	cpe:2.3:a:toshiba:flashair::::::::

References

Link	Resource
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000168	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/93479	Third Party Advisory VDB Entry
https://jvn.jp/en/jp/JVN39619137/index.html	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2017-05-22T16:00:00

Updated: 2017-05-23T09:57:01

Reserved: 2016-05-17T00:00:00

Link: CVE-2016-4863

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-05-22T16:29:00.217

Modified: 2017-06-12T17:12:17.887

Link: CVE-2016-4863

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "FlashAir SD-WD/WC series Class 6 model", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "firmware version 1.00.04 and later"}]}, {"product": "FlashAir SD-WD/WC series Class 10 model W-02", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "firmware version 2.00.02 and later"}]}, {"product": "FlashAir SD-WE series Class 10 model W-03", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "all firmware versions"}]}, {"product": "FlashAir Class 6 model", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "firmware version 1.00.04 and later"}]}, {"product": "FlashAir II Class 10 model W-02 series", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "firmware version 2.00.02 and later"}]}, {"product": "FlashAir III Class 10 model W-03 series", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "all firmware versions"}]}, {"product": "FlashAir Class 6 model", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "firmware version 1.00.04 and later"}]}, {"product": "FlashAir W-02 series Class 10 model", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "firmware version 2.00.02 and later"}]}, {"product": "FlashAir W-03 series Class 10 model", "vendor": "Toshiba", "versions": [{"status": "affected", "version": "all firmware versions"}]}], "datePublic": "2016-10-07T00:00:00", "descriptions": [{"lang": "en", "value": "The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when \"Internet pass-thru Mode\" is enabled, which allows attackers with access to STA side LAN can obtain files or data."}], "problemTypes": [{"descriptions": [{"description": "Lack of authentication mechanism", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-05-23T09:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "93479", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93479"}, {"name": "JVN#39619137", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "https://jvn.jp/en/jp/JVN39619137/index.html"}, {"name": "JVNDB-2016-000168", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000168"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2016-4863", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FlashAir SD-WD/WC series Class 6 model", "version": {"version_data": [{"version_value": "firmware version 1.00.04 and later"}]}}, {"product_name": "FlashAir SD-WD/WC series Class 10 model W-02", "version": {"version_data": [{"version_value": "firmware version 2.00.02 and later"}]}}, {"product_name": "FlashAir SD-WE series Class 10 model W-03", "version": {"version_data": [{"version_value": "all firmware versions"}]}}, {"product_name": "FlashAir Class 6 model", "version": {"version_data": [{"version_value": "firmware version 1.00.04 and later"}]}}, {"product_name": "FlashAir II Class 10 model W-02 series", "version": {"version_data": [{"version_value": "firmware version 2.00.02 and later"}]}}, {"product_name": "FlashAir III Class 10 model W-03 series", "version": {"version_data": [{"version_value": "all firmware versions"}]}}, {"product_name": "FlashAir Class 6 model", "version": {"version_data": [{"version_value": "firmware version 1.00.04 and later"}]}}, {"product_name": "FlashAir W-02 series Class 10 model", "version": {"version_data": [{"version_value": "firmware version 2.00.02 and later"}]}}, {"product_name": "FlashAir W-03 series Class 10 model", "version": {"version_data": [{"version_value": "all firmware versions"}]}}]}, "vendor_name": "Toshiba"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when \"Internet pass-thru Mode\" is enabled, which allows attackers with access to STA side LAN can obtain files or data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Lack of authentication mechanism"}]}]}, "references": {"reference_data": [{"name": "93479", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93479"}, {"name": "JVN#39619137", "refsource": "JVN", "url": "https://jvn.jp/en/jp/JVN39619137/index.html"}, {"name": "JVNDB-2016-000168", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000168"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2016-4863", "datePublished": "2017-05-22T16:00:00", "dateReserved": "2016-05-17T00:00:00", "dateUpdated": "2017-05-23T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBA7647D-DB43-4DD7-89B4-02CD310B8F5B", "versionEndIncluding": "1.00.03", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3E68A5E-C899-484D-87EA-F52414B66968", "versionEndIncluding": "1.00.04", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "8288D17C-1CE9-4B38-81C4-9C702E5800D9", "versionEndIncluding": "1.00.06", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0CE8592-61C3-4F18-9398-3F9C2F5531A4", "versionEndIncluding": "1.02", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7DB5458-E52B-497D-8B09-040FCDB13B78", "versionEndIncluding": "2.00.03", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "48762E2F-044E-43C6-8221-FBFBA9C8E7E4", "versionEndIncluding": "3.00.01", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:flashair:*:*:*:*:*:*:*:*", "matchCriteriaId": "C182FF61-0D00-4AE6-94CD-38BBB47050D5", "versionEndIncluding": "3.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when \"Internet pass-thru Mode\" is enabled, which allows attackers with access to STA side LAN can obtain files or data."}, {"lang": "es", "value": "El FlashAir SD-WD/WC serie Clase 6 modelo con versi\u00f3n de firmware 1.00.04 y posterior, FlashAir SD- WD/WC serie Clase 10 modelo W-02 con versi\u00f3n de firmware 2.00.02 y posterior, FlashAir SD-WE serie Clase 10 modelo W-03, FlashAir Clase 6 modelo con versi\u00f3n de firmware 1.00.04 y posterior, FlashAir II Clase 10 modelo W-02 serie con versi\u00f3n de firmware 2.00.02 y posterior, FlashAir III Clase 10 modelo W-03 serie, FlashAir Clase 6 modelo con versi\u00f3n de firmware 1.00.04 y posterior, FlashAir W-02 serie Clase 10 modelo con versi\u00f3n de firmware 2.00.02 y posterior, FlashAir W-03 serie clase 10 el modelo de Toshiba, no requieren la autenticaci\u00f3n al aceptar una conexi\u00f3n de LAN del lado STA cuando se habilita el \"Internet pass-thru Mode\", que permite que los atacantes con acceso a LAN del lado STA puedan obtener archivos o datos."}], "id": "CVE-2016-4863", "lastModified": "2017-06-12T17:12:17.887", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-22T16:29:00.217", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000168"}, {"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93479"}, {"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://jvn.jp/en/jp/JVN39619137/index.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}