admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-240xx/CVE-2020-24055.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

156 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-24055",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-08-21T15:15:13.057",
"lastModified": "2020-08-27T14:30:52.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not require any authentication."
},
{
"lang": "es",
"value": "Las unidades Verint 5620PTZ versi\u00f3n Verint_FW_0_42 y Verint 4320 versiones V4320_FW_0_23 y V4320_FW_0_31, cuentan con un servicio de detecci\u00f3n autom\u00e1tica implementado en el ejecutable binario \"/usr/sbin/DM\" que escucha en el puerto TCP 6666. El servicio es vulnerable a un desbordamiento del b\u00fafer de pila. Vale la pena se\u00f1alar que este servicio no requiere autenticaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:verint:5620ptz_firmware:verint_fw_0_42:*:*:*:*:*:*:*",
"matchCriteriaId": "0D07363C-3EAD-4C7F-8ADC-BF73F5CCF65C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:verint:5620ptz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A52C58-EDF6-45B8-8E36-8A5A1652A34C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:verint:4320_firmware:v4320_fw_0_23:*:*:*:*:*:*:*",
"matchCriteriaId": "A8BA0DE6-30CB-451B-ADA5-9C20A96D4553"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:verint:4320_firmware:v4320_fw_0_31:*:*:*:*:*:*:*",
"matchCriteriaId": "C2321668-6D76-48C2-8E30-DE5D0CCBAF05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:verint:4320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86528E55-7890-4B44-AA62-7A6927B9E738"
}
]
}
]
}
],
"references": [
{
"url": "https://ioac.tv/2Nbc40h",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://ioactive.com/verint-ptz-cameras-multiple-vulnerabilities/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink