7.5
CVSSv3

CVE-2020-35587

Published: 23/12/2020 Updated: 23/12/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

** DISPUTED ** In Solstice Pod prior to 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mersive solstice_firmware

Github Repositories

CVE-2021-35587 Description POC for CVE-2021-35587: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager create by antx at 2022-03-14 Detail Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent) Easily exploitable vulnerability allows u

Various CVEs for Solstice Pod from Mersive Technologies

solstice-pod-cves Multiple CVEs for Solstice Pod from Mersive Technologies Inc Alexandre Teyar has identified the following high and medium severity vulnerabilities in Mersive Solstice Pods – a wireless collaboration and presentation platform designed by Mersive Technologies Inc: CVE Description CVSS Base Score CVSS Vector CVE-2017-12945 (Remote) (authenticated)