CVE-2019-3933 - OpenCVE

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Crestron	Am-101 Firmware Am-101 Am-100 Am-100 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*

cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*

cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.tenable.com/security/research/tra-2019-20	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: tenable

Published: 2019-04-30T20:30:50

Updated: 2019-04-30T20:30:50

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3933

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-04-30T21:29:00.947

Modified: 2020-10-16T16:02:48.257

Link: CVE-2019-3933

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Crestron AirMedia", "vendor": "Crestron", "versions": [{"status": "affected", "version": "AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2"}]}], "descriptions": [{"lang": "en", "value": "Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-04-30T20:30:50", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.tenable.com/security/research/tra-2019-20"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnreport@tenable.com", "ID": "CVE-2019-3933", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Crestron AirMedia", "version": {"version_data": [{"version_value": "AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2"}]}}]}, "vendor_name": "Crestron"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284 Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/research/tra-2019-20", "refsource": "MISC", "url": "https://www.tenable.com/security/research/tra-2019-20"}]}}}}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2019-3933", "datePublished": "2019-04-30T20:30:50", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2019-04-30T20:30:50", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "913135BE-8FB4-40BA-85D8-AD0F824493C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*", "matchCriteriaId": "081E2B1B-027D-4846-8C61-54CE2D668CD0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6AC584E7-9159-48E8-B499-F5CA68663503", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code."}, {"lang": "es", "value": "Crestron AM-100 con firmware versi\u00f3n 1.6.0.2 y AM-101 con firmware versi\u00f3n 2.7.0.2 permite a cualquiera omitir el c\u00f3digo de presentaci\u00f3n simplemente solicitando el archivo /images/browserslide.jpg por medio de HTTP. Un atacante remoto no autenticado puede usar esta vulnerabilidad para ver una presentaci\u00f3n de diapositivas sin conocer el c\u00f3digo de acceso."}], "id": "CVE-2019-3933", "lastModified": "2020-10-16T16:02:48.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-30T21:29:00.947", "references": [{"source": "vulnreport@tenable.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2019-20"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-425"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "vulnreport@tenable.com", "type": "Secondary"}]}