CVE-2020-35586 - Improper Restriction of Excessive Authentication Attempts vulnerability in Mersive Solstice POD Firmware
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: HIGH
- Integrity impact: NONE
- Availability impact: NONE

Summary
In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement (e.g., it might be all digits or all lowercase letters).
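A defender-side check for the weakness described above, added here as an example and not taken from the advisory, the linked repository or Mersive: it scans constructed access-log lines (the log layout, and 403 as the failed-attempt status, are assumptions) for bursts of requests to the /Config/service/initModel endpoint, flags a source that reaches a threshold within a time window, and flags it again if a success follows the burst.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines; the Pod's real log layout is not on this page, so
# 'src [ISO-8601 ts] "request" status' is an assumed format.
SAMPLE_LOG = """\
10.0.0.5 [2020-12-18T09:00:00] "GET /Config/service/initModel?password=<redacted> HTTP/1.1" 403
10.0.0.5 [2020-12-18T09:00:01] "GET /Config/service/initModel?password=<redacted> HTTP/1.1" 403
10.0.0.5 [2020-12-18T09:00:02] "GET /Config/service/initModel?password=<redacted> HTTP/1.1" 403
10.0.0.5 [2020-12-18T09:00:03] "GET /Config/service/initModel?password=<redacted> HTTP/1.1" 403
10.0.0.5 [2020-12-18T09:00:04] "GET /Config/service/initModel?password=<redacted> HTTP/1.1" 200
10.0.0.9 [2020-12-18T09:05:00] "GET /Config/service/initModel?password=<redacted> HTTP/1.1" 200
10.0.0.7 [2020-12-18T09:10:00] "GET /lookup/info HTTP/1.1" 200
"""
LINE_RE = re.compile(r'^(?P<src>\S+) \[(?P<ts>[^\]]+)\] "\S+ (?P<target>\S+) [^"]*" (?P<status>\d{3})$')
OPEN_CONTROL_PATH = "/Config/service/initModel"  # endpoint named in the advisory

def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    rec["path"] = rec["target"].split("?", 1)[0]  # drop the query; never keep the password value
    rec["status"] = int(rec["status"])
    return rec

def detect_bruteforce(log_text, threshold=4, window=timedelta(seconds=60)):
    """Return (src, kind, ts) alerts: "burst" when a source reaches `threshold`
    hits on the password endpoint within `window`, then "success-after-burst"
    for any 2xx from that source afterwards."""
    recent = defaultdict(deque)  # src -> timestamps still inside the window
    alerts, bursting = [], set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["path"] != OPEN_CONTROL_PATH:
            continue
        src, ts = rec["src"], rec["ts"]
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold and src not in bursting:
            bursting.add(src)
            alerts.append((src, "burst", ts))
        if src in bursting and 200 <= rec["status"] < 300:
            alerts.append((src, "success-after-burst", ts))
    return alerts
```

A lockout or rate limit on this endpoint, plus a password complexity requirement, is the fix the vendor's 3.3.0 release addresses; the detector above is only a stop-gap for Pods still on earlier firmware.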
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://documentation.mersive.com/content/pages/release-notes.htm
- https://github.com/aress31/solstice-pod-cves
- https://www.mersive.com/uk/products/solstice/