{ "id": "CVE-2018-19036", "sourceIdentifier": "cve@mitre.org", "published": "2018-12-17T19:29:00.673", "lastModified": "2019-02-22T19:04:36.643", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface." }, { "lang": "es", "value": "Se ha descubierto un problema en varias c\u00e1maras IP de Bosch para versiones de firmware 6.32 y superiores. Un cliente malicioso podr\u00eda tener \u00e9xito a la hora de ejecutar de forma no autorizada c\u00f3digo en el dispositivo mediante la interfaz de red." } ], "metrics": { "cvssMetricV30": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:bosch:common_product_platform_4_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.32", "matchCriteriaId": "345B8E1B-6A1F-46D2-AE35-6727E10B914B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_4000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "C194CD26-2506-4CDA-B264-A5B4461E49C4" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_5000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA4118A5-E02C-4E45-AD40-3A4B8A477B55" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_5000_ir:-:*:*:*:*:*:*:*", "matchCriteriaId": "60F11F15-0D43-484D-8583-BF8B04C1C3E2" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0770768-1D1C-4117-9BB1-0C3712D89B7D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_hd_1080p:-:*:*:*:*:*:*:*", "matchCriteriaId": "7424D2AF-B721-46D7-87AC-9B91B0CC6B00" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_hd_1080p_hdr:-:*:*:*:*:*:*:*", "matchCriteriaId": "2D5F2509-1F09-4C27-8272-B6E3EF616CA6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_hd_720p:-:*:*:*:*:*:*:*", "matchCriteriaId": "8307990B-492F-4C2D-801C-F4C35F3B71B4" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_imager_9000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEC8845F-998A-4177-B563-2AAC89C6DE4B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_4000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "82A4400A-7AFA-4478-85CD-D089C82F1A3F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_5000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CEE1007-4FA4-47F9-AFC3-16903953837E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_5000_mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "A537BBF5-7E3C-4FA8-A6B6-5A9E034F7F30" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_bullet_4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD171934-8D35-451C-AA43-D0BC9B9325FE" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2B561D0-F7C0-4814-837D-1B6FD1905C7F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_starlight_7000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C9244EE-0DA3-4A9A-AC54-4EFC98E59123" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:extegra_ip_dynamic_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "076AB9F9-BB7D-4900-B823-196733AFA43B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:extegra_ip_starlight_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "2773B680-B10E-47EF-BC8C-E27CD10AC9A2" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_corner_9000_mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "F94E9875-D637-4C0B-8559-359C22B9309E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_hd_1080p:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A402585-3688-4F07-8618-F1745AC1562E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*", "matchCriteriaId": "679D9F8B-8CFC-4366-8479-2698B1AA1DD0" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_hd_720p:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC8CC66C-E83E-465F-A0C4-18652ED63CBB" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_indoor_4000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B59B664-5127-45FF-979B-F60798421594" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_indoor_4000_ir:-:*:*:*:*:*:*:*", "matchCriteriaId": "499F66D8-0C2F-4E96-AE46-CE8E52E6FCCF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_indoor_5000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "DFEABBF3-611F-4D07-99A9-895F243FAAE9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_indoor_5000_mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "092F2172-D9DC-44B5-BBCC-5DEE444D4B51" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_micro_2000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "A536C56D-5BEF-4912-A148-58AED3F25E98" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_micro_2000_ip:-:*:*:*:*:*:*:*", "matchCriteriaId": "19B3C854-F7F0-46F8-B815-2ECD65ECAE4F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_micro_5000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "DFDE56EC-F08A-4D0E-9919-E93365E5C2E5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_micro_5000_mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "468B1704-A743-46EC-B769-04E672D484A6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "688AC375-F3D3-4DF3-A963-99A45BA0EFAB" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_ir:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E81177F-D012-4784-A509-E1870A4D0DE7" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE9AE24E-867D-49C5-8DCA-D5A2C4576225" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC6E9293-F6A9-4451-83DA-804B87FD2FE7" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panormic_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "78C6F760-7870-460E-8EE7-9B924CD0AF13" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:ip_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E928825-C189-4869-BFE5-B2B43A74CD38" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:ip_2000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "827974A8-EA89-477A-B983-EC9EA00740C5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:ip_bullet_4000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F3E4C7C-CBE3-4666-8EC1-9E0238F285DF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:ip_bullet_5000_hd:-:*:*:*:*:*:*:*", "matchCriteriaId": "22265D7E-A57E-4400-A6E5-2452AA922D99" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:mic_ip_dynamic_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1701B0BA-B3F1-4FF4-8BCB-7EF071CDA24C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:mic_ip_starlight_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "462EF3B2-DF64-4626-9EDD-EA3E2D27DD4C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:tinyon_ip_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E5CD60B-96F7-4862-8F08-84FB5D03A240" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBF7566E-1847-44D3-ADC9-404313E3E3D3" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*", "matchCriteriaId": "D012B4BC-8DEF-4549-BEB3-7638EC928B7D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:vandal-proof_flexidome_hd_720p:-:*:*:*:*:*:*:*", "matchCriteriaId": "02B1B0B3-321D-4C53-B046-3F9872521765" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:bosch:common_product_platform_6_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.32", "matchCriteriaId": "BE6778C1-CB0F-4C84-AED3-A8A640C9DB64" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:aviotec_ip_starlight_8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA8CA583-1323-4254-9A77-20B108DA3BE9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_starlight_8000_12mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "916A451A-17E0-4B69-9192-73F98E89A517" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_ultra_8000_12mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "16B0CA37-7B57-4ABE-B4FA-1B2961215E2F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAAECABA-EDE2-42BE-932F-1AB1051946B4" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180_iva:-:*:*:*:*:*:*:*", "matchCriteriaId": "56B05C1D-55F5-4E4E-A931-9F29ED1ED350" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360:-:*:*:*:*:*:*:*", "matchCriteriaId": "C795953E-E9A5-43B4-A3B6-FCE56836C970" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360_iva:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BBA20E2-67B2-4E9A-A305-E7004C9C896F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3FB1B99-C863-4EFC-B404-CA3E9040B020" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180_iva:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF2F8290-E930-4A28-A35C-447DD551BC40" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD228398-A1E9-4081-A41D-8789EC24FEAA" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360_iva:-:*:*:*:*:*:*:*", "matchCriteriaId": "55B0C4E6-F323-417B-8CC0-9BC29FB94847" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:bosch:common_product_platform_7_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.32", "matchCriteriaId": "F358DA6F-B47D-47E8-AF3F-3D1FFBB57690" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_starlight_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F16B33A8-4E22-427C-AE24-730E338A69EC" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_starlight_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DABCC45-7FBE-4495-99DA-AD1EC5548573" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_thermal_8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "473F64A4-836E-4B52-A257-104B0B169EDD" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_starlight_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C495481-3B4B-4998-A689-AFECC8C42AE0" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_starlight_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7DD09F7-1424-4AF7-B68E-4869CF87946A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:bosch:common_product_platform_7.3_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.32", "matchCriteriaId": "8A081C26-9397-40B5-BE1D-07A29747D3AC" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_4000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "36766648-AFC6-41D0-8D9D-B5967907CAC6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_5000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "54088B7C-17B2-43C3-A548-B2D3950DB514" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_starlight_5000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "5893468C-D640-44B2-A2BD-4FC2DBD2484D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:autodome_ip_starlight_7000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A1C3D38-F16B-460C-AB02-50B830ACB473" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_bullet_4000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A5D9B25-A125-49CC-A1F5-8C5030220AA4" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_bullet_5000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F2DC56E-1B92-45CD-AF59-817BBA81B302" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:dinion_ip_bullet_6000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "E994E8DB-D532-457A-BF6A-8D7A6983C5D1" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_4000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0AD477B-731C-43C6-BA64-52CED9CDF101" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:flexidome_ip_5000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6F4ACD1-6014-4C5D-AE45-F2297D341C24" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:mic_ip_fusion_9000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "20C96D15-65A8-4A78-A865-3BC2E9D5C77D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:bosch:mic_ip_starlight_7000i:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CCE32D6-C6B5-421A-90F4-912B1AB01D0E" } ] } ] } ], "references": [ { "url": "https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf", "source": "cve@mitre.org", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ] } ] }