Search
Find a vulnerability
Search criteria
2 vulnerabilities found for pcs-xg100_firmware by sony
CVE-2016-7830 (GCVE-0-2016-7830)
Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
VLAI
EPSS
VEX
Summary
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.
Severity
No CVSS data available.
CWE
- Authentication bypass
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.sony.co.uk/pro/support/attachment/123… | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN42070907/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sony Corporation | PCS-XG100 |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG100S |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG100C |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG77 |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG77S |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG77C |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XC1 |
Affected:
firmware version prior to Ver.1.22
|
Date Public
2016-12-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf"
},
{
"name": "JVN#42070907",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN42070907/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PCS-XG100",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG100S",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG100C",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG77",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG77S",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG77C",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XC1",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware version prior to Ver.1.22"
}
]
}
],
"datePublic": "2016-12-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-09T15:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf"
},
{
"name": "JVN#42070907",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN42070907/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PCS-XG100",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG100S",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG100C",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG77",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG77S",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG77C",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XC1",
"version": {
"version_data": [
{
"version_value": "firmware version prior to Ver.1.22"
}
]
}
}
]
},
"vendor_name": "Sony Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf",
"refsource": "CONFIRM",
"url": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf"
},
{
"name": "JVN#42070907",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN42070907/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7830",
"datePublished": "2017-06-09T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7830 (GCVE-0-2016-7830)
Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
VLAI
EPSS
VEX
Summary
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.
Severity
No CVSS data available.
CWE
- Authentication bypass
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.sony.co.uk/pro/support/attachment/123… | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN42070907/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sony Corporation | PCS-XG100 |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG100S |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG100C |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG77 |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG77S |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XG77C |
Affected:
firmware versions prior to Ver.1.51
|
|
| Sony Corporation | PCS-XC1 |
Affected:
firmware version prior to Ver.1.22
|
Date Public
2016-12-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf"
},
{
"name": "JVN#42070907",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN42070907/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PCS-XG100",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG100S",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG100C",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG77",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG77S",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XG77C",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to Ver.1.51"
}
]
},
{
"product": "PCS-XC1",
"vendor": "Sony Corporation",
"versions": [
{
"status": "affected",
"version": "firmware version prior to Ver.1.22"
}
]
}
],
"datePublic": "2016-12-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-09T15:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf"
},
{
"name": "JVN#42070907",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN42070907/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PCS-XG100",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG100S",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG100C",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG77",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG77S",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XG77C",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to Ver.1.51"
}
]
}
},
{
"product_name": "PCS-XC1",
"version": {
"version_data": [
{
"version_value": "firmware version prior to Ver.1.22"
}
]
}
}
]
},
"vendor_name": "Sony Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf",
"refsource": "CONFIRM",
"url": "https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf"
},
{
"name": "JVN#42070907",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN42070907/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7830",
"datePublished": "2017-06-09T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}