Follow @discotekdotca
CVE-2019-18831
Current Description
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.
Basic Data
| Published | December 16, 2019 |
|---|---|
| Last Modified | December 23, 2019 |
| Assigner | cve@mitre.org |
| Data Type | CVE |
| Data Format | MITRE |
| Data Version | 4.0 |
| Problem Type | CWE-200 |
| CVE Data Version | 4.0 |
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|---|
| CVSS 2 - Vector String | AV:N/AC:M/Au:S/C:P/I:N/A:N |
| CVSS 2 - Access Vector | NETWORK |
| CVSS 2 - Access Complexity | MEDIUM |
| CVSS 2 - Authentication | SINGLE |
| CVSS 2 - Confidentiality Impact | PARTIAL |
| CVSS 2 - Availability Impact | NONE |
| CVSS 2 - Base Score | 3.5 |
| Severity | LOW |
| Exploitability Score | 6.8 |
| Impact Score | 2.9 |
| Obtain All Privilege | false |
| Obtain User Privilege | false |
| Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
AND
-
OR - Configuration 1
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Barco Clickshare Cs-100 Firmware * * * * * * * * � � � 1.9.0 -
OR Running on/with:
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Hardware Barco Clickshare Cs-100 - * * * * * * * � � � �
-
OR - Configuration 1
-
AND
-
OR - Configuration 2
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Barco Clickshare Cse-200 Firmware * * * * * * * * � � � 1.9.0 -
OR Running on/with:
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Hardware Barco Clickshare Cse-200 - * * * * * * * � � � �
-
OR - Configuration 2
-
AND
-
OR - Configuration 3
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Barco Clickshare Cse-200 Firmware * * * * * * * * � � � 1.9.0 -
OR Running on/with:
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Hardware Barco Clickshare Cse-200 - * * * * * * * � � � �
-
OR - Configuration 3
-
AND
-
OR - Configuration 4
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Barco Clickshare Cse-800 Firmware * * * * * * * * � � � 1.9.0 -
OR Running on/with:
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Hardware Barco Clickshare Cse-800 - * * * * * * * � � � �
-
OR - Configuration 4
Vulnerable Software List
| Vendor | Product | Versions |
|---|---|---|
| Barco | Clickshare Cse-200 Firmware | * |
| Barco | Clickshare Cs-100 Firmware | * |
| Barco | Clickshare Cse-200 Firmware | * |
| Barco | Clickshare Cse-800 Firmware | * |
References
| Name | Source | URL | Tags |
|---|---|---|---|
| https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ | https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ | MISC | Third Party Advisory |
| https://www.barco.com/en/clickshare/firmware-update | https://www.barco.com/en/clickshare/firmware-update | MISC | Vendor Advisory |
| https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 | https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersion=09&patchVersion=01& | MISC | Product |
| https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 | https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersion=09&patchVersion=01& | MISC | Product Vendor Advisory |
| https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 | https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersion=09&patchVersion=01& | MISC | Product Vendor Advisory |
| https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 | https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersion=09&patchVersion=01& | MISC | Product Vendor Advisory |