First published: Fri Nov 17 2017(Updated: )
Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Sharp Rx-v200 Firmware | <09.87.17.09 | |
Sharp Rx-v200 | ||
Sharp Rx-v100 Firmware | <03.29.17.09 | |
Sharp Rx-v100 | ||
Sharp Rx-clv1-p Firmware | <79.17.17.09 | |
Sharp Rx-clv1-p | ||
Sharp Rx-clv2-b Firmware | <89.07.17.09 | |
Sharp Rx-clv2-b | ||
Sharp Rx-clv3-n Firmware | <91.09.17.10 | |
Sharp Rx-clv3-n |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-10890 is a session management issue in certain firmware versions of Sharp RX-V200, RX-V100, RX-CLV1-P, RX-CLV2-B, and RX-CLV3-N devices.
CVE-2017-10890 affects RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, and RX-CLV3-N firmware versions prior to 91.09.17.10.
CVE-2017-10890 has a severity rating of 4.6 (medium).
To fix CVE-2017-10890, update the firmware of your Sharp RX-V200, RX-V100, RX-CLV1-P, RX-CLV2-B, or RX-CLV3-N device to version 09.87.17.09, 03.29.17.09, 79.17.17.09, 89.07.17.09, or 91.09.17.10 respectively.
More information about CVE-2017-10890 can be found at the following link: [https://jvn.jp/en/jp/JVN76382932/index.html]