CVE-2019-3910 Vulnerability Details

  /     /     /  

CVE-2019-3910 Metadata Quick Info

CVE Published: 18/01/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: tenable | Vendor: n/a | Product: Crestron AM-100 Before 1.6.0.2
Status : PUBLISHED

CVE-2019-3910 Description

Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface\'s return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Authentication Bypass
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2019-3910 Vulnerability Details