Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for lightify_pro by osram
CVE-2016-5059 (GCVE-0-2016-5059)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application.
Severity
No CVSS data available.
CWE
- Cached Screenshot Information Leak
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cached Screenshot Information Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cached Screenshot Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5059",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5058 (GCVE-0-2016-5058)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
Severity
No CVSS data available.
CWE
- ZigBee Network Command Replay
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "ZigBee Network Command Replay",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ZigBee Network Command Replay"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5058",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5057 (GCVE-0-2016-5057)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
Severity
No CVSS data available.
CWE
- Lack of SSL Pinning
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Lack of SSL Pinning",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Lack of SSL Pinning"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5057",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5056 (GCVE-0-2016-5056)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
Severity
No CVSS data available.
CWE
- Weak Default WPA2 PSKs
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Default WPA2 PSKs",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Default WPA2 PSKs"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5056",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5055 (GCVE-0-2016-5055)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page.
Severity
No CVSS data available.
CWE
- XSS
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5055",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5059 (GCVE-0-2016-5059)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application.
Severity
No CVSS data available.
CWE
- Cached Screenshot Information Leak
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cached Screenshot Information Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cached Screenshot Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5059",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5056 (GCVE-0-2016-5056)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
Severity
No CVSS data available.
CWE
- Weak Default WPA2 PSKs
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Default WPA2 PSKs",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Default WPA2 PSKs"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5056",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5058 (GCVE-0-2016-5058)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
Severity
No CVSS data available.
CWE
- ZigBee Network Command Replay
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "ZigBee Network Command Replay",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ZigBee Network Command Replay"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5058",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5055 (GCVE-0-2016-5055)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page.
Severity
No CVSS data available.
CWE
- XSS
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5055",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5057 (GCVE-0-2016-5057)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI
Summary
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
Severity
No CVSS data available.
CWE
- Lack of SSL Pinning
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rapid7.com/community/infosec/bl… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 |
Affected:
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26
|
Date Public
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Lack of SSL Pinning",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26",
"version": {
"version_data": [
{
"version_value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Lack of SSL Pinning"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5057",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}