China National Vulnerability DatabaseCNVD-2022-64976Owl Labs Meeting Owl Information Disclosure Vulnerability
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
Owl Labs Meeting Owl is a video conferencing device from Owl Labs, Inc. Equipped with a series of cameras and microphones, it captures 360-degree video and audio and automatically focuses on the speaker, making meetings more dynamic and inclusive.Owl Labs Meeting Owl version 5.2.0.15 contains an information disclosure vulnerability that could be exploited by an attacker to retrieve a password hash via Bluetooth using a certain c10 value.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Owl Labs Meeting Owl 5. | eq | 2.0.15 |
Related
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N