admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-288xx/CVE-2023-28809.json
cad-safe-bot c19d77f60a Auto-Update: 2023-09-05T18:00:24.728779+00:00
2023-09-05 18:00:28 +00:00

796 lines
21 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-28809",
"sourceIdentifier": "hsrc@hikvision.com",
"published": "2023-06-15T19:15:10.537",
"lastModified": "2023-09-05T17:15:08.280",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "hsrc@hikvision.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
},
{
"source": "hsrc@hikvision.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320efwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB2BA1B-B272-4B4E-BB2C-3EE2D267CA81"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320efwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7140EB24-E7B5-4F86-9A5C-0D88D1DA90C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320efx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAA72A5-4E87-4ADD-B9BC-1A873A861938"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320efx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21D67B36-A2A7-42E2-A7FB-6BBF3A973E37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320ewx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "679EECBE-B875-4D58-98CE-335E9EAF8B25"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320ewx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4694AEF-26C6-4B03-BCCB-3683CF788085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A885F112-F486-4293-A1A7-B69FEB8F1E4F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C45E6F-34DD-4B08-A87F-D9E7D9775ED1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mfwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0711E27-DE19-4639-BF8E-A48FC5A5472D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mfwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9B3F47-00F9-4C77-AFAF-25D6154E4C15"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mfx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EB0FE7-3884-4088-A0E2-CF04A5D8C6C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mfx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C842855-FD06-412E-9B88-EDC8B419E87F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35741C9C-4CE7-4196-988F-C623FFD98279"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "541C2F9D-E8D1-4928-B3DE-902B51B33A56"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF3ED7E-3041-4F50-8265-A9F75BC6FC52"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39668BE9-C9D5-4747-A7EA-EC3C9ADC64B0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t341am_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85524CE8-644F-4E8B-B61F-EBD4188F356B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t341am:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F12C75F-FEA4-478D-968A-9B864C49CBFE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t341amf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19543853-5D0A-437A-8CDF-236D862D7F9E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t341amf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E8A304-F67E-4C0E-995B-719E9AFD2791"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t341cm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A853DC4-2BE1-4709-BCCA-AE0420DC8414"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t341cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "624D45FC-FC44-4A02-AE3F-23AD132290B4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t343ewx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8B098D-7B32-42A3-ABA0-6148AF132750"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t343ewx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98F2425-FCB9-40DE-BCE0-3CA9BA6067BF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t343ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "644FF6D6-CD32-44D1-A629-6FE0FC2F2025"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t343ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EB3496-4191-4092-961C-5F68D7A99EF6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t343mwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AD49A-F965-493A-8EA6-7F10EDD049E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t343mwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7416B8F5-2918-4418-8A5C-860C5A236BCA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t343mx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF5F7-31FD-4247-A05F-2425B00F551F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t343mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4D8C07-AB2F-4E97-B3E9-C97EFAD3F017"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE328C4-08C2-436B-A95E-E03A0D96662F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B322AE4-4BE3-46EE-BFFD-730274270D52"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0D6A71-EA45-4A29-A98F-3B7F46AFCED6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4902A1D4-7DF1-4718-BF06-DD6E7EE43E8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671mf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB663C89-06C3-49F9-8316-A9F3883A8488"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671mf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFBF47B3-0575-47C7-81E6-43E52411EA4D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55E53965-E177-44B0-AB95-80323745741D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABB7E6B-3B39-4D18-A900-FB9818087085"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95CBFF1-3E92-4080-9B57-185EFEB3D6A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "050D18D3-868E-47DE-8ACF-55C0278F36DD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tm-3xf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D62D9A96-8A4A-488B-87CB-4A88531F483B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tm-3xf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7844556-1139-4E47-83BF-74E245AB64DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8680383B-7404-4C52-878B-4017C5505298"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9D7580-7608-466A-9EC2-49891138C31C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmfw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E59B90D-F25D-4A59-A0EA-17ED42C99500"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmfw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAC44FD-D7D4-4499-BD3C-6FA15D0C058F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3FC30B-562F-432F-B804-62362E5E2F6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3C9724-1422-45A2-BFA4-D0132D090CCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t804af_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A641FCD-EB20-4B0E-A536-AD29ABA9FF6D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2888DD-2FBC-453F-ADED-2134D526EB7A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hikvision:ds-k1t804amf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47C3FB28-D6FE-4455-A71C-C8BD082D092B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F0BEA6-D675-4B8D-AEE3-44A63C7107D5"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html",
"source": "hsrc@hikvision.com"
},
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/",
"source": "hsrc@hikvision.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink