PT-2020-17352 · Mersive · Solstice Pod

Published

2020-12-23

Updated

2020-12-23

CVE-2020-35585

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Solstice Pod versions prior to 3.3.0 Solstice Pod version Open4.3

Description The issue allows the screen key to be enumerated using brute-force attacks via the "/lookin/info" Solstice Open Control API endpoint, due to a limited number of possibilities, approximately 1.7 million.

Recommendations For Solstice Pod versions prior to 3.3.0, update to version 3.3.0 or later. For Solstice Pod version Open4.3, update to a version later than Open4.3. As a temporary workaround, consider restricting access to the "/lookin/info" API endpoint to minimize the risk of exploitation.

Exploit

Fix

Improper Restriction of Excessive Authentication Attempts

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-307

Related Identifiers

CVE-2020-35585

Affected Products

Solstice Pod

PT-2020-17352 · Mersive · Solstice Pod

CVE-2020-35585

Weakness Enumeration

Related Identifiers

Affected Products

References · 6