CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15721

The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-15721

Logitech » Harmony Hub » Version: N/A

cpe:2.3:h:logitech:harmony_hub:-
Logitech » Harmony Hub Firmware » Version: 4.10.30

cpe:2.3:o:logitech:harmony_hub_firmware:4.10.30
Logitech » Harmony Hub Firmware » Version: 4.11.6

cpe:2.3:o:logitech:harmony_hub_firmware:4.11.6
Logitech » Harmony Hub Firmware » Version: 4.12.36

cpe:2.3:o:logitech:harmony_hub_firmware:4.12.36
Logitech » Harmony Hub Firmware » Version: 4.13.100

cpe:2.3:o:logitech:harmony_hub_firmware:4.13.100
Logitech » Harmony Hub Firmware » Version: 4.14.110

cpe:2.3:o:logitech:harmony_hub_firmware:4.14.110
Logitech » Harmony Hub Firmware » Version: 4.14.123

cpe:2.3:o:logitech:harmony_hub_firmware:4.14.123
Logitech » Harmony Hub Firmware » Version: 4.15.105

cpe:2.3:o:logitech:harmony_hub_firmware:4.15.105
Logitech » Harmony Hub Firmware » Version: 4.15.119

cpe:2.3:o:logitech:harmony_hub_firmware:4.15.119
Logitech » Harmony Hub Firmware » Version: 4.15.193

cpe:2.3:o:logitech:harmony_hub_firmware:4.15.193
Logitech » Harmony Hub Firmware » Version: 4.15.201

cpe:2.3:o:logitech:harmony_hub_firmware:4.15.201
Logitech » Harmony Hub Firmware » Version: 4.15.96

cpe:2.3:o:logitech:harmony_hub_firmware:4.15.96
Logitech » Harmony Hub Firmware » Version: 4.9.40

cpe:2.3:o:logitech:harmony_hub_firmware:4.9.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15721

Products

Pricing

Contact Us