CVE-2008-1938
Severity Score
6.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks.
El firmware del Sony Mylo COM-2, modelo japonés anterior a 1.002 no verifica de forma adecuada el certificado SSL del servidor Web, lo que permite a los atacantes remotos obtener información sensible y conducir ataques de Spoofing.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-04-24 CVE Reserved
- 2008-04-24 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://esupport.sony.com/perl/news-item.pl?news_id=262&mdl=COM2 | X_refsource_confirm | |
| http://jvn.jp/jp/JVN%2376788395/index.html | Third Party Advisory | |
| http://mylo.nccl.sony.co.jp/download/M-W002-001-02/index.html | X_refsource_confirm | |
| http://mylo.nccl.sony.co.jp/hotnews/2008/04/01/index.html | X_refsource_confirm | |
| http://www.securityfocus.com/bid/28905 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/1349/references | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41971 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/29928 | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sony Search vendor "Sony" | Mylo Com 2 Search vendor "Sony" for product "Mylo Com 2" | <= 1.001 Search vendor "Sony" for product "Mylo Com 2" and version " <= 1.001" | ja |
Affected
| ||||||
| Sony Search vendor "Sony" | Mylo Com 2 Search vendor "Sony" for product "Mylo Com 2" | <= 1.100 Search vendor "Sony" for product "Mylo Com 2" and version " <= 1.100" | en |
Affected
| ||||||