ГлавнаяУязвимости → CVE-2020-36922
7.5высокая

CVE-2020-36922

Описание

Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive system details through API endpoints. Attackers can retrieve network interface information, server configurations, and system metadata by sending requests to the exposed system API.

Затрагиваемое ПО
Sony Bravia signage
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://cxsecurity.com/issue/WLB-2020120028https://exchange.xforce.ibmcloud.com/vulnerabilities/192606https://packetstorm.news/files/id/160343https://pro-bravia.sony.nethttps://pro-bravia.sony.net/resources/software/bravia-signage/https://pro.sony/ue_US/products/display-softwarehttps://www.exploit-db.com/exploits/49187https://www.vulncheck.com/advisories/sony-bravia-digital-signage-unauthenticated-system-api-information-disclosure