{ "id": "CVE-2022-40903", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-14T23:15:11.657", "lastModified": "2024-11-21T07:22:14.360", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3 does not mitigate against repeated failed access attempts, which allows an attacker to gain administrative privileges." }, { "lang": "es", "value": "La estaci\u00f3n de entrada de v\u00eddeo 3 en 1 Aiphone GT-DMB-N con lector NFC 1.0.3 no mitiga los repetidos intentos fallidos de acceso, lo que permite a un atacante obtener privilegios administrativos." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:aiphone:gt-dmb-n_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.00", "matchCriteriaId": "F6D30440-5146-487B-9E8B-C7158C77A08D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:aiphone:gt-dmb-n:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AB295CF-BCDE-4AD7-9B9A-405A80DDF2BE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:aiphone:gt-dmb_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.00", "matchCriteriaId": "D496A08F-D301-45C4-8D7E-EA56BCCBFBBE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:aiphone:gt-dmb:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE4BFBE3-975D-4604-BD00-D979179919BC" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:aiphone:gt-dmb-lvn_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.00", "matchCriteriaId": "891D2AC0-53E7-4ABE-B9FC-9CE4CD05C249" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:aiphone:gt-dmb-lvn:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE20C953-30DB-4A6D-8926-2A4958CBB753" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:aiphone:gt-db-vn_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.00", "matchCriteriaId": "226D2E6E-FF2B-4EE5-A416-B2FD1795DC0E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:aiphone:gt-db-vn:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A6388-F059-4A14-8D7E-EC59892EAD48" } ] } ] } ], "references": [ { "url": "https://jvn.jp/en/jp/JVN75437943/index.html", "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://www.aiphone.net/", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://jvn.jp/en/jp/JVN75437943/index.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://www.aiphone.net/", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }