admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-29xx/CVE-2015-2909.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

638 lines
18 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-2909",
"sourceIdentifier": "cret@cert.org",
"published": "2020-02-06T15:15:11.047",
"lastModified": "2020-02-12T21:34:03.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states \"The user is presented with clear warnings on the GUI that they should set usernames and passwords.\""
},
{
"lang": "es",
"value": "Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense y DS2 se basan en una advertencia de la GUI para ayudar a garantizar que el administrador configure las credenciales de inicio de sesi\u00f3n, lo que facilita a atacantes remotos obtener acceso mediante el aprovechamiento de situaciones en las que a esta advertencia no se le prest\u00f3 atenci\u00f3n. NOTA: el proveedor declara \"El usuario se le presentan advertencias claras en la GUI de que deben configurar los nombres de usuario y contrase\u00f1as\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:dv-ip_express_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F384B2-8664-4BB8-9111-6D74780C27F7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:dv-ip_express:-:*:*:*:*:*:*:*",
"matchCriteriaId": "602C10B4-BF3C-47D4-A94E-42F012400DFA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd-advanced_-_sdhd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "332B9E94-BC28-4E58-9BE1-66712B730FF6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd-advanced_-_sdhd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74F3EEE6-025E-47C3-BD0B-6141B59121C4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd-advanced_8\\/12\\/16_vga_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26A732B4-B87B-4DE7-8FCD-37261CC4756B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd-advanced_8\\/12\\/16_vga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BDBE71-B297-457C-AB47-77D3A2CCD9F8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_advanced_closed_iptv_\\(m3u\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A456130-FB52-4BDA-A7DE-C0D4569CD6F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_advanced_closed_iptv_\\(m3u\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEB3DD3-B4AF-455E-82A4-5CB0E3208154"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_advanced_non_closed_iptv_\\(m3u\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BA14D2-6872-40E2-9854-0C347EEA85E0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_advanced_non_closed_iptv_\\(m3u\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E1188D9-FF5B-4871-B6F8-9CB2C5E198E2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_advanced_nvr_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7C9B70-F481-4103-94AF-D7B564B92C41"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_advanced_nvr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "003BBE05-7606-4FBE-95CF-F0EB5494ED89"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_32_\\(m3g\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C02755-872D-41E8-909B-F7B0C73D773C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_32_\\(m3g\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "00EFD5DE-1C95-41E9-AA2C-28ADA6FE5ED4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_32_\\(m3h\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D763480-5F17-472B-9194-DF7FEB1EDB8A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_32_\\(m3h\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3290653A-7F36-4FF9-A996-80095758FAFD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_4_\\(m3s\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA83431-215A-42BD-BC18-A3409EB19439"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_4_\\(m3s\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "25710A9E-8FAE-4A77-8561-ADD63A637387"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_4_\\(m3t\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ABA204-F560-4340-A268-1E3F9074DEB1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_4_\\(m3t\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "661D6443-8174-4A9E-AAA7-775B6D82C64F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_8\\/12\\/16_no_kbd_\\(m3r\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAF6E88-F220-4572-8D5B-AFAB58E8D2B9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_8\\/12\\/16_no_kbd_\\(m3r\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8B7F37-743C-42B5-9DAE-468451D75D0E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_8\\/12\\/16_no_kbd_\\(m3s\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA0634A-FEA9-47E9-B9FC-0AEF2209D97C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_8\\/12\\/16_no_kbd_\\(m3s\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC93B21-9FA0-473E-8454-AD2FF091CC2A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_8\\/16_front_panel_kbd_\\(m3r\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8804F1-E3E7-42F7-81D9-8C4EDF5339EB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_8\\/16_front_panel_kbd_\\(m3r\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FE059B-8B29-4855-8E25-5008090E8173"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:sd_8\\/16_front_panel_kbd_\\(m3u\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76114EEC-1948-4D24-B2B5-37FA941CAD09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:sd_8\\/16_front_panel_kbd_\\(m3u\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6E9E35-2A14-4B0F-B36A-1BE3A1575DEC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:ecosense_4\\/8\\/16_\\(m4t\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "765CFEBA-0DA1-4391-8022-F2B142502E99"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:ecosense_4\\/8\\/16_\\(m4t\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "24641CF1-970A-4344-B4B7-EE7CE2C14D78"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtr\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "826C5088-35A6-4288-868F-AE72DDC14336"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtr\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BCF22E-A5EA-4975-A282-4B80A35E8C14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtu\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA8A86B-648F-4E8E-8320-2FF455F05BC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F4A60E-8EF0-42FD-9D54-502EF0954C8A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtx\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA8CF54-4767-4689-85EF-710754D6FAA9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtx\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ECD808-156E-4936-B237-75CB29D3DB6F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtx\\)_netvu_connected_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80E270E-55E1-464C-BC7F-948DD1890160"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtx\\)_netvu_connected:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66EB08A9-11C0-4629-9FD9-DA6178A301B1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netvu:ds2_\\(m2ip\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5B90CC-181D-4278-9157-3AF3A2F4365E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netvu:ds2_\\(m2ip\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9430043-BEE0-41EF-A731-4290796A927E"
}
]
}
]
}
],
"references": [
{
"url": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/",
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/276148",
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink