admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-266xx/CVE-2021-26627.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

151 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-26627",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2022-04-19T21:15:12.807",
"lastModified": "2022-04-27T18:10:35.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Real-time image information exposure is caused by insufficient authentication for activated RTSP port. This vulnerability could allow to remote attackers to send the RTSP requests using ffplay command and lead to leakage a live image."
},
{
"lang": "es",
"value": "Una exposici\u00f3n de la informaci\u00f3n de las im\u00e1genes en tiempo real est\u00e1 causada por una autenticaci\u00f3n insuficiente del puerto RTSP activado. Esta vulnerabilidad podr\u00eda permitir a atacantes remotos enviar las peticiones RTSP usando el comando ffplay y conllevar a un filtrado de una imagen en vivo"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qcp:qcp200w_firmware:-:*:*:*:*:android:*:*",
"matchCriteriaId": "DF356B8D-9C64-4F10-861D-94CBA08B3652"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qcp:qcp200w_firmware:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "652A5975-0772-4FF8-A9CD-C2D4AD4568CD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qcp:qcp200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49EDED72-B064-40E3-AE16-279A5E1C7A81"
}
]
}
]
}
],
"references": [
{
"url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66663",
"source": "vuln@krcert.or.kr",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink