Vulnerability Details CVE-2019-18833
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2019-18833
-
cpe:2.3:h:barco:clickshare_button_r9861500d01:-
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:-
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.1.0.8
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.2.0.1
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.2.1.1
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.2.2.3
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.3.0.29
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.3.1.5
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.3.4.8
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.4.0.105
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.4.2.12
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.5.0.12
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.5.1.2
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.5.2.3
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.6.0.3
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.6.1.2
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.7.0.22
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.7.1.1
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.8.0.6
-
cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:1.8.1.2