China National Vulnerability DatabaseCNVD-2022-64974Owl Labs Meeting Owl Licensing Issue Vulnerability
7.1 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
4.3 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:P/A:N
Owl Labs Meeting Owl is a video conferencing device from Owl Labs, Inc. Equipped with an array of cameras and microphones, it captures 360-degree video and audio and automatically focuses on the speaker, making meetings more dynamic and inclusive.Owl Labs Meeting Owl version 5.2.0.15 is vulnerable to an authorization issue that stems from not requiring a password for Bluetooth commands and only using client-side authentication. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Owl Labs Meeting Owl 5. | eq | 2.0.15 |
Related
7.1 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
4.3 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:P/A:N