{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-17T13:51:58.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.barco.com/en/clickshare/firmware-update"}, {"tags": ["x_refsource_MISC"], "url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-18832", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.barco.com/en/clickshare/firmware-update", "refsource": "MISC", "url": "https://www.barco.com/en/clickshare/firmware-update"}, {"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/", "refsource": "MISC", "url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T02:02:39.781Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.barco.com/en/clickshare/firmware-update"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-18832", "datePublished": "2019-12-17T13:51:58.000Z", "dateReserved": "2019-11-07T00:00:00.000Z", "dateUpdated": "2024-08-05T02:02:39.781Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "99C3E881-7CCC-40BA-82EC-9D3B68C635C1", "versionEndExcluding": "1.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:barco:clickshare_button_r9861500d01:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDEA8D4F-FA2D-4B2A-81D5-7843FE198B23", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."}, {"lang": "es", "value": "Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a la versi\u00f3n 1.9.0, tienen una Gesti\u00f3n de Credenciales incorrecta. Los ClickShare Button implementan el cifrado en reposo que utiliza una clave de cifrado AES (OTP) programable de una sola vez. Esta clave se comparte en todos los dispositivos ClickShare Buttons del modelo R9861500D01."}], "id": "CVE-2019-18832", "lastModified": "2024-11-21T04:33:40.220", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-17T14:15:17.967", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.barco.com/en/clickshare/firmware-update"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.barco.com/en/clickshare/firmware-update"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}