Vulnerability Details CVE-2019-3936
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vulnerability to stop an active slideshow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-3936
-
cpe:2.3:h:crestron:am-100:-
-
cpe:2.3:h:crestron:am-101:-
-
cpe:2.3:o:crestron:am-100_firmware:1.6.0.2
-
cpe:2.3:o:crestron:am-101_firmware:2.7.0.2