Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Uniview IP Camera IPC322LB-SF28-A by Uniview
CVE-2023-0773 (GCVE-0-2023-0773)
Vulnerability from nvd – Published: 2023-09-19 09:33 – Updated: 2024-09-25 14:40
VLAI
EPSS
VEX
Title
Unauthorized Access Control Vulnerability in Uniview IP Camera
Summary
The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.
Successful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.cert-in.org.in/s2cMainServlet?pageid=… | |
| https://global.uniview.com/About_Us/Security/Noti… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Uniview | Uniview IP Camera IPC322LB-SF28-A |
Affected:
CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105
(custom)
Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom) Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom) Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom) Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom) Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom) Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom) Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 (custom) Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom) Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom) Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom) |
|
| uniview | ip_camera_ipc322lb-sf28-a |
Affected:
CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105
(custom)
Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom) Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom) Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom) Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom) Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom) Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom) Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 affected (custom) Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom) Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom) Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom) cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:24:33.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip_camera_ipc322lb-sf28-a",
"vendor": "uniview",
"versions": [
{
"lessThanOrEqual": "CIPC-B2303.2.8.230105",
"status": "affected",
"version": "CIPC-B2303.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1213.6.5.230215",
"status": "affected",
"version": "DIPC-B1213.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1216.5.7.230109",
"status": "affected",
"version": "DIPC-B1216.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1221.3.5.221202",
"status": "affected",
"version": "DIPC-B1221.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1222.3.8.230223",
"status": "affected",
"version": "DIPC-B1222.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1225.3.3.221123",
"status": "affected",
"version": "DIPC-B1225.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1226.3.6.230105",
"status": "affected",
"version": "DIPC-B1226.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1219.2.67.221019\taffected",
"status": "affected",
"version": "DIPC-B1219.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1223.3.3.221123",
"status": "affected",
"version": "DIPC-B1223.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1228.2.65.230207",
"status": "affected",
"version": "DIPC-B1228.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1229.1.67.230104",
"status": "affected",
"version": "DIPC-B1229.X.X.XXXXXX",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:27:10.328874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T14:40:18.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Uniview IP Camera IPC322LB-SF28-A",
"vendor": "Uniview",
"versions": [
{
"lessThanOrEqual": "CIPC-B2303.2.8.230105",
"status": "affected",
"version": "CIPC-B2303.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1213.6.5.230215",
"status": "affected",
"version": "DIPC-B1213.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1216.5.7.230109",
"status": "affected",
"version": "DIPC-B1216.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1221.3.5.221202",
"status": "affected",
"version": "DIPC-B1221.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1222.3.8.230223",
"status": "affected",
"version": "DIPC-B1222.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1225.3.3.221123",
"status": "affected",
"version": "DIPC-B1225.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1226.3.6.230105",
"status": "affected",
"version": "DIPC-B1226.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1219.2.67.221019",
"status": "affected",
"version": "DIPC-B1219.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1223.3.3.221123",
"status": "affected",
"version": "DIPC-B1223.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1228.2.65.230207",
"status": "affected",
"version": "DIPC-B1228.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1229.1.67.230104",
"status": "affected",
"version": "DIPC-B1229.X.X.XXXXXX",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering \u0026 Research Team, Karnataka, India."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cbr\u003eThe vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\u003cbr\u003e"
}
],
"value": "The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-22",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-22 Exploiting Trust in Client"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-19T09:33:42.479Z",
"orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"shortName": "CERT-In"
},
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\"\u003ehttps://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\u003c/a\u003e"
}
],
"value": " https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm "
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized Access Control Vulnerability in Uniview IP Camera"
}
},
"cveMetadata": {
"assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"assignerShortName": "CERT-In",
"cveId": "CVE-2023-0773",
"datePublished": "2023-09-19T09:33:42.479Z",
"dateReserved": "2023-02-10T11:41:27.681Z",
"dateUpdated": "2024-09-25T14:40:18.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0773 (GCVE-0-2023-0773)
Vulnerability from cvelistv5 – Published: 2023-09-19 09:33 – Updated: 2024-09-25 14:40
VLAI
EPSS
VEX
Title
Unauthorized Access Control Vulnerability in Uniview IP Camera
Summary
The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.
Successful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.cert-in.org.in/s2cMainServlet?pageid=… | |
| https://global.uniview.com/About_Us/Security/Noti… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Uniview | Uniview IP Camera IPC322LB-SF28-A |
Affected:
CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105
(custom)
Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom) Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom) Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom) Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom) Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom) Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom) Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 (custom) Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom) Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom) Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom) |
|
| uniview | ip_camera_ipc322lb-sf28-a |
Affected:
CIPC-B2303.X.X.XXXXXX , ≤ CIPC-B2303.2.8.230105
(custom)
Affected: DIPC-B1213.X.X.XXXXXX , ≤ DIPC-B1213.6.5.230215 (custom) Affected: DIPC-B1216.X.X.XXXXXX , ≤ DIPC-B1216.5.7.230109 (custom) Affected: DIPC-B1221.X.X.XXXXXX , ≤ DIPC-B1221.3.5.221202 (custom) Affected: DIPC-B1222.X.X.XXXXXX , ≤ DIPC-B1222.3.8.230223 (custom) Affected: DIPC-B1225.X.X.XXXXXX , ≤ DIPC-B1225.3.3.221123 (custom) Affected: DIPC-B1226.X.X.XXXXXX , ≤ DIPC-B1226.3.6.230105 (custom) Affected: DIPC-B1219.X.X.XXXXXX , ≤ DIPC-B1219.2.67.221019 affected (custom) Affected: DIPC-B1223.X.X.XXXXXX , ≤ DIPC-B1223.3.3.221123 (custom) Affected: DIPC-B1228.X.X.XXXXXX , ≤ DIPC-B1228.2.65.230207 (custom) Affected: DIPC-B1229.X.X.XXXXXX , ≤ DIPC-B1229.1.67.230104 (custom) cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:24:33.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:uniview:ip_camera_ipc322lb-sf28-a:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ip_camera_ipc322lb-sf28-a",
"vendor": "uniview",
"versions": [
{
"lessThanOrEqual": "CIPC-B2303.2.8.230105",
"status": "affected",
"version": "CIPC-B2303.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1213.6.5.230215",
"status": "affected",
"version": "DIPC-B1213.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1216.5.7.230109",
"status": "affected",
"version": "DIPC-B1216.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1221.3.5.221202",
"status": "affected",
"version": "DIPC-B1221.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1222.3.8.230223",
"status": "affected",
"version": "DIPC-B1222.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1225.3.3.221123",
"status": "affected",
"version": "DIPC-B1225.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1226.3.6.230105",
"status": "affected",
"version": "DIPC-B1226.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1219.2.67.221019\taffected",
"status": "affected",
"version": "DIPC-B1219.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1223.3.3.221123",
"status": "affected",
"version": "DIPC-B1223.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1228.2.65.230207",
"status": "affected",
"version": "DIPC-B1228.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1229.1.67.230104",
"status": "affected",
"version": "DIPC-B1229.X.X.XXXXXX",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:27:10.328874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T14:40:18.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Uniview IP Camera IPC322LB-SF28-A",
"vendor": "Uniview",
"versions": [
{
"lessThanOrEqual": "CIPC-B2303.2.8.230105",
"status": "affected",
"version": "CIPC-B2303.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1213.6.5.230215",
"status": "affected",
"version": "DIPC-B1213.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1216.5.7.230109",
"status": "affected",
"version": "DIPC-B1216.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1221.3.5.221202",
"status": "affected",
"version": "DIPC-B1221.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1222.3.8.230223",
"status": "affected",
"version": "DIPC-B1222.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1225.3.3.221123",
"status": "affected",
"version": "DIPC-B1225.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1226.3.6.230105",
"status": "affected",
"version": "DIPC-B1226.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1219.2.67.221019",
"status": "affected",
"version": "DIPC-B1219.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1223.3.3.221123",
"status": "affected",
"version": "DIPC-B1223.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1228.2.65.230207",
"status": "affected",
"version": "DIPC-B1228.X.X.XXXXXX",
"versionType": "custom"
},
{
"lessThanOrEqual": "DIPC-B1229.1.67.230104",
"status": "affected",
"version": "DIPC-B1229.X.X.XXXXXX",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering \u0026 Research Team, Karnataka, India."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cbr\u003eThe vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\u003cbr\u003e"
}
],
"value": "The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-22",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-22 Exploiting Trust in Client"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-19T09:33:42.479Z",
"orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"shortName": "CERT-In"
},
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0270"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\"\u003ehttps://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\u003c/a\u003e"
}
],
"value": " https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm "
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized Access Control Vulnerability in Uniview IP Camera"
}
},
"cveMetadata": {
"assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"assignerShortName": "CERT-In",
"cveId": "CVE-2023-0773",
"datePublished": "2023-09-19T09:33:42.479Z",
"dateReserved": "2023-02-10T11:41:27.681Z",
"dateUpdated": "2024-09-25T14:40:18.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}