Security Vulnerabilities - CVEs Published In March 2019
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.
CVSS Score
9.1
EPSS Score
0.001
Published
2019-03-01
In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Exploiting this requires access to the event that has received the sighting. The issue affects instances with restrictive sighting settings (event only / sighting reported only).
CVSS Score
5.3
EPSS Score
0.004
Published
2019-03-01
Page 119