CVE-2017-10890

2017-11-1714:00:00

jpcert

www.cve.org

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.8%

JSON

Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors.

CNA Affected

[
  {
    "product": "RX-V200 firmware",
    "vendor": "Sharp Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 09.87.17.09"
      }
    ]
  },
  {
    "product": "RX-V100 firmware",
    "vendor": "Sharp Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 03.29.17.09"
      }
    ]
  },
  {
    "product": "RX-CLV1-P firmware",
    "vendor": "Sharp Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 79.17.17.09"
      }
    ]
  },
  {
    "product": "RX-CLV2-B firmware",
    "vendor": "Sharp Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 89.07.17.09"
      }
    ]
  },
  {
    "product": "RX-CLV3-N firmware",
    "vendor": "Sharp Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 91.09.17.10"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN76382932/index.html