CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
54.3%
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright.
Vendor | Product | Version | CPE |
---|---|---|---|
snapone | orvc | * | cpe:2.3:a:snapone:orvc:*:*:*:*:*:pro:*:* |
control4 | ca-1 | - | cpe:2.3:h:control4:ca-1:-:*:*:*:*:*:*:* |
control4 | ca-10 | - | cpe:2.3:h:control4:ca-10:-:*:*:*:*:*:*:* |
control4 | ea-1 | - | cpe:2.3:h:control4:ea-1:-:*:*:*:*:*:*:* |
control4 | ea-3 | - | cpe:2.3:h:control4:ea-3:-:*:*:*:*:*:*:* |
control4 | ea-5 | - | cpe:2.3:h:control4:ea-5:-:*:*:*:*:*:*:* |
snapone | an-110-rt-2l1w | - | cpe:2.3:h:snapone:an-110-rt-2l1w:-:*:*:*:*:*:*:* |
snapone | an-110-rt-2l1w-wifi | - | cpe:2.3:h:snapone:an-110-rt-2l1w-wifi:-:*:*:*:*:*:*:* |
snapone | an-310-rt-4l2w | - | cpe:2.3:h:snapone:an-310-rt-4l2w:-:*:*:*:*:*:*:* |
snapone | ovrc-300-pro | - | cpe:2.3:h:snapone:ovrc-300-pro:-:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
54.3%