CVE-2016-7830

Published Jun 9, 2017

Last updated 7 years ago

CVSS high 8.8

Overview

Description: Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 6.4
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-306

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sony:pcs-xg100_firmware:1.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59D66787-EA68-459A-8B6B-DDE3297A686F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sony:pcs-xg100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "22E568C0-86AF-4886-9709-A83018CE6C2F"
          },
          {
            "criteria": "cpe:2.3:h:sony:pcs-xg100s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2D37C7C1-76E1-42FE-9A64-B3A6DDDA5DC7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sony:pcs-xg100_firmware:1.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB542813-B53F-44BD-B8D5-161667E77411"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sony:pcs-xg100c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0817A1C4-2A4F-4D79-AC63-100A1D4B5998"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sony:pcs-xg77_firmware:1.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1374A1FF-C50E-442B-9549-E4F388946128"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sony:pcs-xg77:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "030DCC5E-8633-4086-BAC9-F5FD4E7D46D4"
          },
          {
            "criteria": "cpe:2.3:h:sony:pcs-xg77s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EEDB48B7-9DC3-422D-A649-7B7C094B4ED8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sony:pcs-xg77_firmware:1.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C667897-92BE-45E7-9B4D-426D80511D67"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sony:pcs-xg77c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "657B512E-81A1-4603-904E-1875814BF48B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sony:pcs-xc1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D21324B-1210-4E7F-80FB-3FD284035B7A",
            "versionEndIncluding": "1.21"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sony:pcs-xc1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8141874D-CF91-4A17-A56E-EE8B10E0C66B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References