admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/33xxx/CVE-2021-33543.json
Jochen Becker b36bc77506 update 6 CVEs
2022-04-28 16:26:58 +02:00

190 lines
8.5 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"ID": "CVE-2021-33543",
"STATE": "PUBLIC",
"TITLE": "UDP Technology/Geutebrück camera devices: Authentication Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "E2 Series",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "EBC-21xx",
"version_value": "1.12.0.27"
},
{
"version_affected": "=",
"version_name": "EBC-21xx",
"version_value": "1.12.13.2 "
},
{
"version_affected": "=",
"version_name": "EBC-21xx",
"version_value": "1.12.14.5"
},
{
"version_affected": "<=",
"version_name": "EFD-22xx",
"version_value": "1.12.0.27"
},
{
"version_affected": "=",
"version_name": "EFD-22xx",
"version_value": "1.12.13.2 "
},
{
"version_affected": "=",
"version_name": "EFD-22xx",
"version_value": "1.12.14.5"
},
{
"version_affected": "<=",
"version_name": "ETHC-22xx",
"version_value": "1.12.0.27"
},
{
"version_affected": "=",
"version_name": "ETHC-22xx",
"version_value": "1.12.13.2 "
},
{
"version_affected": "=",
"version_name": "ETHC-22xx",
"version_value": "1.12.14.5"
},
{
"version_affected": "<=",
"version_name": "EWPC-22xx",
"version_value": "1.12.0.27"
},
{
"version_affected": "=",
"version_name": "EWPC-22xx",
"version_value": "1.12.13.2 "
},
{
"version_affected": "=",
"version_name": "EWPC-22xx",
"version_value": "1.12.14.5"
}
]
}
},
{
"product_name": "Encoder G-Code",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "EEC-2xx",
"version_value": "1.12.0.27"
},
{
"version_affected": "=",
"version_name": "EEC-2xx",
"version_value": "1.12.13.2 "
},
{
"version_affected": "=",
"version_name": "EEC-2xx",
"version_value": "1.12.14.5"
},
{
"version_affected": "<=",
"version_name": "EEN-20xx",
"version_value": "1.12.0.27"
},
{
"version_affected": "=",
"version_name": "EEN-20xx",
"version_value": "1.12.13.2 "
},
{
"version_affected": "=",
"version_name": "EEN-20xx",
"version_value": "1.12.14.5"
}
]
}
}
]
},
"vendor_name": "Geutebrück"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Titouan Lazard and Ibrahim Ayadhi from RandoriSec reported these vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/",
"refsource": "CONFIRM",
"url": "https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink