admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-330xx/CVE-2021-33044.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

639 lines
18 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-33044",
"sourceIdentifier": "cybersecurity@dahuatech.com",
"published": "2021-09-15T22:15:10.497",
"lastModified": "2021-12-02T13:50:00.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de identidad encontrada en algunos productos Dahua durante el proceso de inicio de sesi\u00f3n. Los atacantes pueden omitir la autenticaci\u00f3n de la identidad del dispositivo al construir paquetes de datos maliciosos"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.820.0000000.5.r.210705",
"matchCriteriaId": "C0356805-3ECF-4C6F-B2BF-95D507736C44"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hum7xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE9ACB0-4CB3-4CF5-A007-15EE977D782E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.800.0000000.29.r.210630",
"matchCriteriaId": "E0D17050-41CA-4808-8ED3-F332FD00B551"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8936A118-4AB5-4B09-A9FD-E624A68315BD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.820.0000000.18.r.210705",
"matchCriteriaId": "04346BB7-74D1-46C4-B058-076B16C0209F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2838BDA-97FF-498E-BC81-955D31B9227A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:sd1a1_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.812.0000007.0.r.210706",
"matchCriteriaId": "4BA2AB22-37B0-471F-B6E4-BB3F3A6FB817"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:sd1a1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD58DE-D990-4C98-853B-21B79CD07EEC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:sd22_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.812.0000007.0.r.210706",
"matchCriteriaId": "17FADF4C-29F2-449A-B57E-59F2338D433C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:sd22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428852DE-BDE3-4CE4-972C-821E88C7F930"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:sd41_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.812.0000007.0.r.210706",
"matchCriteriaId": "0E306AAC-7BCD-4A76-8C7B-8399B54E12CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:sd41:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61F87969-66DA-45EF-861C-3D3189388160"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.812.0000007.0.r.210706",
"matchCriteriaId": "69712780-BA39-4B2E-810C-E9BCF6E213F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "984AD4D5-D689-4150-A1EE-D48B81CBB7C8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.812.0000007.0.r.210706",
"matchCriteriaId": "69E7E0D4-7E9B-4580-B28A-898146DED548"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA0D206-5BE7-4592-8D3E-641F47164770"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.812.0000007.0.r.210706",
"matchCriteriaId": "41A67081-5051-47A0-A0EA-1C41A78F5C9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C35F4371-334B-4EA8-8F48-498C81652F7C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-bf1241_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.630.0000000.6.r.210707",
"matchCriteriaId": "468FD434-642E-4613-B720-84254D9B9960"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-bf1241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73B58CBF-EB67-4F02-BBAE-FFC329B8873C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-bf2221_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.630.0000000.10.r.210707",
"matchCriteriaId": "C24A62B1-EFFA-4D22-ACB3-A645B325C280"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-bf2221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E314BF6-76B4-4ADB-B555-7DAF92F60485"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-bf5x01_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.630.0000000.12.r.210707",
"matchCriteriaId": "C60703FA-F833-472C-84FC-2366409F484B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-bf5x01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EA0704-EC7A-457A-9AC1-A39B07229DFE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-pt8x21b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.630.0000000.10.r.210701",
"matchCriteriaId": "EED64E60-F703-4116-9F34-7FDBD6906E33"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-pt8x21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DABC76F-9824-43F3-B230-656F6C99CDA8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-sd2221_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.630.0000000.7.r.210707",
"matchCriteriaId": "F49DC7A3-6FBB-4B52-848C-50EEAEFBF0B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-sd2221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D166CD0E-92CC-44FA-A520-FFFEBE2D7D50"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-sd8x21_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.630.0000000.9.r.210706",
"matchCriteriaId": "BF2B9320-63F7-4076-B60B-674CBADC2235"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-sd8x21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75A88A53-91D8-4019-95EB-F6FEFF469F9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:vto-65xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.300.0000004.0.r.210715",
"matchCriteriaId": "4AC98964-DBDE-438C-A0E7-BF11D1BBC4B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:vto-65xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9438ADC0-C8F4-48E1-A905-9914A3AE715E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:vto-75x95x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.300.0000003.0.r.210714",
"matchCriteriaId": "A3FFF94A-7F57-49D2-A6BA-5B58064C41C5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:vto-75x95x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B205125D-5A33-49B0-A2BA-BD833D107924"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:vth-542xh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.500.0000002.0.r.210715",
"matchCriteriaId": "6F1138DD-7149-4191-BF6B-5176B8EF3A07"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:vth-542xh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72039FDA-344D-4961-BB1B-E6F32EAFD7C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:tpc-bf5x21_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.630.0000000.8.r.210630",
"matchCriteriaId": "ADA22FE4-6663-4852-9D82-F311520BB4D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:tpc-bf5x21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A693D2B-F82D-41C8-A219-532CB5FD1FB6"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html",
"source": "cybersecurity@dahuatech.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2021/Oct/13",
"source": "cybersecurity@dahuatech.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.dahuasecurity.com/support/cybersecurity/details/957",
"source": "cybersecurity@dahuatech.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink