Vulnerability Description
Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Direct LAN is enabled, does not use encryption, which allows remote attackers to obtain sensitive information by sniffing the network for client-server traffic, as demonstrated by Active Directory credential information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Panasonic | Arbitrator Back-End Server Mk 3.0 Vpu Firmware | <= 9.3.1 |
| Panasonic | Arbitrator Back-End Server Mk 3.0 Vpu | - |
| Panasonic | Arbitrator Back-End Server Mk 2.0 Vpu Firmware | <= 9.3.1 |
| Panasonic | Arbitrator Back-End Server Mk 2.0 Vpu | - |
Related Weaknesses (CWE)
References
- http://us2.campaign-archive1.com/?u=8c9cff2e712e3b7d09a07ecef&id=21f059b3abVendor Advisory
- http://www.kb.cert.org/vuls/id/117604Third Party AdvisoryUS Government Resource
- http://us2.campaign-archive1.com/?u=8c9cff2e712e3b7d09a07ecef&id=21f059b3abVendor Advisory
- http://www.kb.cert.org/vuls/id/117604Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2014-9596?
CVE-2014-9596 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Direc...
How severe is CVE-2014-9596?
CVE-2014-9596 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-9596?
Check the references section above for vendor advisories and patch information. Affected products include: Panasonic Arbitrator Back-End Server Mk 3.0 Vpu Firmware, Panasonic Arbitrator Back-End Server Mk 3.0 Vpu, Panasonic Arbitrator Back-End Server Mk 2.0 Vpu Firmware, Panasonic Arbitrator Back-End Server Mk 2.0 Vpu.