CVE-2019-10886
Published Apr 19, 2019
Last updated 4 years ago
Overview
- Description
- An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing Plus application is running. This may allow an attacker to browse a particular directory (e.g. images) inside the private network.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-306
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sony:kdl-50w800c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "959C70FF-13E9-4C3C-821F-CA128B68C58D"
},
{
"criteria": "cpe:2.3:h:sony:kdl-50w805c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4BB1ADDF-C47B-40FA-8CB6-8BDF3C7154FB"
},
{
"criteria": "cpe:2.3:h:sony:kdl-50w807c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E70D3FC8-3CD8-4350-BA1A-3FFA1B7F4C94"
},
{
"criteria": "cpe:2.3:h:sony:kdl-50w809c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "329FC69F-C9DA-4B6D-AEDE-204B4BE06489"
},
{
"criteria": "cpe:2.3:h:sony:kdl-50w820c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "129D4803-25FA-4469-B132-69AF68E215C5"
},
{
"criteria": "cpe:2.3:h:sony:kdl-55w800c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2EF86EC7-A1DD-4F40-93EF-24E8120B99D7"
},
{
"criteria": "cpe:2.3:h:sony:kdl-55w805c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1ABE5A82-F389-4EB2-95B8-174E20CCCE76"
},
{
"criteria": "cpe:2.3:h:sony:kdl-65w850c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BEC8C6F7-6EA1-4306-90AC-01D059D30261"
},
{
"criteria": "cpe:2.3:h:sony:kdl-65w855c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DC6BE05D-E4BD-45ED-8AE0-751533F2AACE"
},
{
"criteria": "cpe:2.3:h:sony:kdl-65w857c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CCE3EC16-5290-4B29-9777-30AE846E3FA1"
},
{
"criteria": "cpe:2.3:h:sony:kdl-75w850c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "991A64C7-2678-4042-BE08-39D7DBB1463D"
},
{
"criteria": "cpe:2.3:h:sony:kdl-75w855c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E7564892-0034-4607-A040-82FC03EA3627"
},
{
"criteria": "cpe:2.3:h:sony:x7500d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BC6A8615-0135-4AFB-8B77-A037AD2AD46C"
},
{
"criteria": "cpe:2.3:h:sony:xbr-100z9d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D5990CBB-481F-4DF6-959A-BE3140211C03"
},
{
"criteria": "cpe:2.3:h:sony:xbr-43x800d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "20A86592-20F7-44A8-ABA5-450E28E3FA9D"
},
{
"criteria": "cpe:2.3:h:sony:xbr-43x800e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "888106F9-BE1D-4D67-B5BA-5932D4BA491F"
},
{
"criteria": "cpe:2.3:h:sony:xbr-43x830c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C274F605-611D-45C6-9784-6C5D5C0B2A05"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x700d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5CC7240D-2CBE-4A36-B98A-637DF1907E75"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x800c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ED21FC83-2A01-4F0F-9531-FFE1E777BF55"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x800d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B681538E-A20B-47CE-A5DC-5E5DDF45CAE9"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x800e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CA6FBA71-E121-4785-92D3-CFD2954937EF"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x830c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F34B8D7C-D686-4F0F-9DC6-3CC842350CCC"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x835c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1AE62169-5642-4EBF-81FA-D01BD9B3499D"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x835d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0D8646D2-D413-4D37-A6AA-041DB30A907A"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x837c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "89945794-49F2-4671-AA9F-A351BC3FB74D"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x839c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EAF45D42-8038-4701-A568-5AA0906651AE"
},
{
"criteria": "cpe:2.3:h:sony:xbr-49x900e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "89295430-CD3C-4159-8F94-95537ECF9E6D"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55a1e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AB7D4810-E08C-4D57-857C-03B550DA4907"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x700d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D772D325-C943-4B78-AA22-E20CB108C06C"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x800e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BEDD932E-C844-48D3-BA58-EDBBD3858B4C"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x805c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B94E0657-A28B-491D-9165-149FED2EBBBA"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x806e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8C71281-E7D3-44BB-A9D9-951F0514401A"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x807c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E1C53B56-0A54-480B-A267-D692C8B65169"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x809c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7394B413-C9C1-476F-939C-20A2AE0568BF"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x810c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AE714E89-CF3A-48F5-8D8D-DC6B91B5A93C"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x850c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "506B28F7-E6B9-48CA-AA3C-3B2CCF750BA3"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x850d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8036AF3-B0AA-49A8-BF17-5AAD05261049"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x855c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "76AE7635-D579-4031-A9FD-0F39C4D305AE"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x855d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DB46D9E0-E7B6-49EB-B3AD-2C79197ADDDF"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x857c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B122639F-B902-4202-821E-A9C4318E4FD9"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x857d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ADE01949-0DD1-4B37-8DB5-FDC2D6844602"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x900c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "904AA77A-C57F-4476-99F1-98B936BB1D2E"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x900e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A6CC066-8512-4C02-A23C-C759317AC705"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x905c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AA3E9F10-5283-4EC4-BFA4-B9A3785A7F22"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x907c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "62B6DAA1-7494-4063-880A-EB14B8FD3150"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x930d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CA8C3782-8A2E-4268-8AD3-4B3B8C83CBE2"
},
{
"criteria": "cpe:2.3:h:sony:xbr-55x930e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "183D906C-04F1-424B-9AF7-FECACD7298AE"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65a1e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D44273A-8947-4E3C-850C-C8908104EFF5"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x750d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BABC9F21-1B70-405F-B173-C9426FB559B5"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x800c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A466EEAD-33B8-4CDC-9A9D-11FA55A970C0"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x805c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC477911-6CDA-4CA2-9AB6-CD5FF81AAA61"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x807c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C39CFFCC-48C2-4B5C-A202-59D429BB810C"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x809c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7A2037C6-694E-4263-AFBA-34396187E8F5"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x810c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "06136D31-E072-4B2C-B08C-74BF9681286C"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x850c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E552BE39-E1C2-46CB-9827-06239FF93B49"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x850d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "190B3867-0B4A-4A70-9F55-3547727B0173"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x850e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "47F99A12-A4F6-4A7B-9B7E-C972F7A077F8"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x855c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "39E71E6E-9C5C-403D-B53A-535A63DD7F51"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x855d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA0853B8-7839-4954-97BC-F79EF61FA5C9"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x857c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2478A1DF-B9AB-426D-B426-47479DFF93E9"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x857d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2AADF6EC-9A78-479C-AF94-1CA78C569280"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x900c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6140C1CE-71C1-465F-AB1F-863AF72A9732"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x900e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "345BF296-998D-4BA6-A64C-B7CDCD0D46C0"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x905c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F5509F41-EB00-4328-866F-0D53307986F0"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x907c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1CBA4A87-F0B8-4364-A8B3-777E980F51CA"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x930c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8368777D-D15E-4680-B586-5DEE797E6833"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x930d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B39FC21-0E35-4121-9390-9E979F5FE269"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x930e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C24A44F1-32A6-4D9C-8754-1BCDD51679FA"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x935d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "97990738-1441-42ED-AA09-1FAFDE0E5FA5"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65x937d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC2240A3-7BCF-49D7-9B44-C0EDFCFD382F"
},
{
"criteria": "cpe:2.3:h:sony:xbr-65z9d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BD02259D-E003-4AFB-A637-CE11174BF726"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x850c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "34EDC3E7-334D-499C-9CD5-350BBDBCA592"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x850d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "37B11B1B-B3A3-499B-A9E3-CD63313A168E"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x850e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8F2CDAD9-716B-4925-BD07-2E1BFAFE1C21"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x855c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "25EB300A-F947-49BF-AFC0-5284F525FA73"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x855d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "30E8D96E-6D2C-4400-81BE-0FA9CF819C75"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x857d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "024725D1-9A32-4AE9-94CC-92FAFA1D16FE"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x900e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D678D49B-F943-440E-AAFD-7940D8EED08B"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x910c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E7EFB32A-6C1D-4FE2-BC5C-4161615F6AB3"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x940c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8AD055B9-449D-4333-A088-7709AB2021C5"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x940d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "67B04B6A-EBFE-418C-AD87-FC8C3B3D9717"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x940e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B17CD634-C1E5-487F-BC84-9D0029A0BE86"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75x945c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "33D45F12-708B-48E5-8A55-0E8D192D7A46"
},
{
"criteria": "cpe:2.3:h:sony:xbr-75z9d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B227766B-D36A-4E14-9846-2ED1DF137661"
},
{
"criteria": "cpe:2.3:h:sony:xbr-77a1e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F9A074F0-08E8-419B-9AFA-AB603BDAE42B"
},
{
"criteria": "cpe:2.3:h:sony:xbr-85x850d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FADC4466-5D23-4116-9D8C-B7FB82D14342"
},
{
"criteria": "cpe:2.3:h:sony:xbr-85x855d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E3A6EB18-02E7-4873-9ACA-594E2B8EE2F5"
},
{
"criteria": "cpe:2.3:h:sony:xbr-85x857d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1012B342-7794-4628-BC8D-92C7F1839110"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sony:photo_sharing_plus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E890A29-7E1E-435E-BFCB-16D090CC2C6F",
"versionEndExcluding": "pkg6.5629"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]