CVE-2014-9596

Name of the Vulnerable Software and Affected Versions Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU versions prior to 9.3.1 build 4.08.003.0 Panasonic Arbitrator Back-End Server (BES) MK 3.0 VPU versions prior to 9.3.1 build 5.06.000.0

Description The issue allows remote attackers to obtain sensitive information by sniffing the network for client-server traffic when certain network settings are enabled. This can lead to the exposure of sensitive data, such as Active Directory credential information.

Recommendations For Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU versions prior to 9.3.1 build 4.08.003.0, update to version 9.3.1 build 4.08.003.0 or later to resolve the issue. For Panasonic Arbitrator Back-End Server (BES) MK 3.0 VPU versions prior to 9.3.1 build 5.06.000.0, update to version 9.3.1 build 5.06.000.0 or later to resolve the issue. As a temporary workaround, consider disabling USB Wi-Fi or Direct LAN for MK 2.0 VPU and Embedded Wi-Fi or Direct LAN for MK 3.0 VPU until a patch is applied.