admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-330xx/CVE-2021-33045.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

638 lines
18 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-33045",
"sourceIdentifier": "cybersecurity@dahuatech.com",
"published": "2021-09-15T22:15:10.687",
"lastModified": "2021-12-02T13:49:55.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de identidad encontrada en algunos productos Dahua durante el proceso de inicio de sesi\u00f3n. Los atacantes pueden omitir la autenticaci\u00f3n de identidad del dispositivo al construir paquetes de datos maliciosos"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.820.0000000.5.r.210705",
"matchCriteriaId": "C0356805-3ECF-4C6F-B2BF-95D507736C44"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hum7xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE9ACB0-4CB3-4CF5-A007-15EE977D782E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.800.0000000.29.r.210630",
"matchCriteriaId": "E0D17050-41CA-4808-8ED3-F332FD00B551"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8936A118-4AB5-4B09-A9FD-E624A68315BD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.820.0000000.5.r.210705",
"matchCriteriaId": "3F20DC69-B735-4547-826D-E4C42A39FE82"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2838BDA-97FF-498E-BC81-955D31B9227A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:nvr-1xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000005.1.r.210709",
"matchCriteriaId": "FA1C3935-C83B-4A1A-BEEE-EF93F7722972"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:nvr-1xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7780D1BE-ABE0-4890-B493-36FA0A4B3266"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:nvr-2xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000000.1.r.210710",
"matchCriteriaId": "795EF8B2-5E6D-46EB-9F66-85F2C71B2619"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:nvr-2xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89E3F7B3-3C51-49C1-BAEC-DA4235D5A06D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:nvr-4xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000005.1.r.210713",
"matchCriteriaId": "1386662B-C3DE-467A-8F41-F18BDE7B9726"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:nvr-4xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58ECDC49-09D4-4E62-AC11-E3C52C656A9D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:nvr-5xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000000.0.r.210710",
"matchCriteriaId": "06A6B28A-2E0D-4E45-904A-66FEE5D85262"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:nvr-5xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE621958-8AE2-44E0-9E41-94BC964CDF57"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:nvr-6xx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000001.1.r.210716",
"matchCriteriaId": "90D5A1B3-88D5-4E5E-A88B-59409D41956C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:nvr-6xx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEAC798-870E-4DE6-B7DB-44FAF5360CE5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:vth-542xh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.500.0000002.0.r.210715",
"matchCriteriaId": "6F1138DD-7149-4191-BF6B-5176B8EF3A07"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:vth-542xh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72039FDA-344D-4961-BB1B-E6F32EAFD7C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:vto-65xxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.300.0000004.0.r.210715",
"matchCriteriaId": "4AC98964-DBDE-438C-A0E7-BF11D1BBC4B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:vto-65xxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9438ADC0-C8F4-48E1-A905-9914A3AE715E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:vto-75x95x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.300.0000003.0.r.210714",
"matchCriteriaId": "A3FFF94A-7F57-49D2-A6BA-5B58064C41C5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:vto-75x95x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B205125D-5A33-49B0-A2BA-BD833D107924"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFB4B89-FD66-4A9E-9163-8E27730012C8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-4x04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97031A47-9275-45CD-AFBB-A906A3A37D71"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-4x08_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000001.1.r.210709",
"matchCriteriaId": "83753916-EBB9-4378-9448-79B33EA851C7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-4x08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6962025-38D1-4B8E-9C51-2806599F8779"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000001.1.r.210709",
"matchCriteriaId": "C3D44B80-93EF-41AD-9BFD-B363CC8356CF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-4x04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97031A47-9275-45CD-AFBB-A906A3A37D71"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-5x04_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000003.1.r.210710",
"matchCriteriaId": "44FAD9FC-F99A-45DE-A8FA-031CD0F4680E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-5x04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F496B4C1-062B-4C6E-9F8C-C3B49D4D98EF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-5x08_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000003.1.r.210710",
"matchCriteriaId": "AEAA6256-9F3D-43C7-858C-D07025EE5400"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-5x08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA245352-2E71-4401-AB16-1CA8D827D858"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-5x16_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000003.1.r.210710",
"matchCriteriaId": "4C5D8D60-F5A5-42B2-830B-E4D89828988F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-5x16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F64F53-4C08-48A1-A3EB-F3EB5A1C0631"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-7x16_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000003.1.r.210710",
"matchCriteriaId": "22635FB9-7898-457B-938B-9946CFC9EE73"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-7x16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CC3087-2310-4520-8B69-4F21F6F78197"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dahuasecurity:xvr-7x32_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.001.0000003.1.r.210710",
"matchCriteriaId": "5D80CC1B-87EC-44BF-A453-A57350A4C061"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dahuasecurity:xvr-7x32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06268CD6-0DFD-4501-9D4E-AA25E14B215E"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html",
"source": "cybersecurity@dahuatech.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2021/Oct/13",
"source": "cybersecurity@dahuatech.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.dahuasecurity.com/support/cybersecurity/details/957",
"source": "cybersecurity@dahuatech.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink