Search criteria
6 vulnerabilities found for bf-630 by chiyutw
VAR-201508-0616
Vulnerability from variot - Updated: 2025-04-13 23:09Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871. Multiple models of Chiyu Technology fingerprint access control devices contain a cross-site scripting (XSS) vulnerability and an authentication bypass vulnerability. Chiyu BF-630 and BF-630W are network fingerprint access controllers from Chiyu. There are security holes in the Chiyu BF-630 and BF-630W fingerprint access-control devices. An attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions on the affected device. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0616",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bf-630w",
"scope": null,
"trust": 1.4,
"vendor": "chiyu",
"version": null
},
{
"model": "bf-630",
"scope": null,
"trust": 1.4,
"vendor": "chiyu",
"version": null
},
{
"model": "bf-630",
"scope": "eq",
"trust": 1.0,
"vendor": "chiyutw",
"version": "*"
},
{
"model": "bf-630w",
"scope": "eq",
"trust": 1.0,
"vendor": "chiyutw",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "chiyu",
"version": null
},
{
"model": "bf-630",
"scope": null,
"trust": 0.6,
"vendor": "chiyutw",
"version": null
},
{
"model": "bf-630w",
"scope": null,
"trust": 0.6,
"vendor": "chiyutw",
"version": null
},
{
"model": "technology bf-630w",
"scope": "eq",
"trust": 0.3,
"vendor": "chiyu",
"version": "0"
},
{
"model": "technology bf-630",
"scope": "eq",
"trust": 0.3,
"vendor": "chiyu",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"db": "BID",
"id": "76141"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:chiyutw:bf-630",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:chiyutw:bf-630w",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp",
"sources": [
{
"db": "BID",
"id": "76141"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5618",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-5618",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-05126",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5618",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-5618",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-05126",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-850",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5618",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"db": "VULMON",
"id": "CVE-2015-5618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871. Multiple models of Chiyu Technology fingerprint access control devices contain a cross-site scripting (XSS) vulnerability and an authentication bypass vulnerability. Chiyu BF-630 and BF-630W are network fingerprint access controllers from Chiyu. There are security holes in the Chiyu BF-630 and BF-630W fingerprint access-control devices. \nAn attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions on the affected device. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5618"
},
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"db": "BID",
"id": "76141"
},
{
"db": "VULMON",
"id": "CVE-2015-5618"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#360431",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2015-5618",
"trust": 3.4
},
{
"db": "JVN",
"id": "JVNVU91647568",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-05126",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201507-850",
"trust": 0.6
},
{
"db": "BID",
"id": "76141",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2015-5618",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"db": "VULMON",
"id": "CVE-2015-5618"
},
{
"db": "BID",
"id": "76141"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"id": "VAR-201508-0616",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05126"
}
],
"trust": 1.4
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05126"
}
]
},
"last_update_date": "2025-04-13T23:09:47.656000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Product Gallery",
"trust": 0.8,
"url": "http://www.chiyu-t.com.tw/pdt_list.asp?area=46\u0026cat=151"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.kb.cert.org/vuls/id/360431"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/80.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/288.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5618"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91647568/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5618"
},
{
"trust": 0.3,
"url": "http://www.chiyu-t.com.tw"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"db": "VULMON",
"id": "CVE-2015-5618"
},
{
"db": "BID",
"id": "76141"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"db": "VULMON",
"id": "CVE-2015-5618"
},
{
"db": "BID",
"id": "76141"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#360431"
},
{
"date": "2015-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"date": "2015-08-01T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5618"
},
{
"date": "2015-07-31T00:00:00",
"db": "BID",
"id": "76141"
},
{
"date": "2015-08-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"date": "2015-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"date": "2015-08-01T01:59:19.613000",
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#360431"
},
{
"date": "2015-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05126"
},
{
"date": "2015-08-03T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5618"
},
{
"date": "2015-07-31T00:00:00",
"db": "BID",
"id": "76141"
},
{
"date": "2015-08-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003960"
},
{
"date": "2015-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-850"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-5618"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chiyu Technology fingerprint access control contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-850"
}
],
"trust": 0.6
}
}
VAR-201508-0309
Vulnerability from variot - Updated: 2025-04-12 23:04Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element. Chiyu BF-630, BF-630W and BF-660C are products of Chiyu. Both the BF-630 and BF-630W are networked fingerprint access controllers. BF-660C is a network type fingerprint access control attendance machine. An attacker could leverage these issues to gain unauthorized access to the affected application, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, or generate authentication credentials to impersonate legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bf-630",
"scope": "eq",
"trust": 1.6,
"vendor": "chiyutw",
"version": null
},
{
"model": "bf-630w",
"scope": "eq",
"trust": 1.6,
"vendor": "chiyutw",
"version": null
},
{
"model": "bf-660c",
"scope": "eq",
"trust": 1.6,
"vendor": "chiyutw",
"version": null
},
{
"model": "bf-660c",
"scope": null,
"trust": 1.4,
"vendor": "chiyu",
"version": null
},
{
"model": "bf-630w",
"scope": null,
"trust": 1.4,
"vendor": "chiyu",
"version": null
},
{
"model": "bf-630",
"scope": null,
"trust": 1.4,
"vendor": "chiyu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "chiyu",
"version": null
},
{
"model": "technology bf-660c",
"scope": "eq",
"trust": 0.3,
"vendor": "chiyu",
"version": "0"
},
{
"model": "technology bf-630w",
"scope": "eq",
"trust": 0.3,
"vendor": "chiyu",
"version": "0"
},
{
"model": "technology bf-630",
"scope": "eq",
"trust": 0.3,
"vendor": "chiyu",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"db": "BID",
"id": "76140"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:chiyutw:bf-630",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:chiyutw:bf-630w",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:chiyutw:bf-660c",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp",
"sources": [
{
"db": "BID",
"id": "76140"
}
],
"trust": 0.3
},
"cve": "CVE-2015-2870",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-2870",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-05125",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-2870",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-2870",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-05125",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-842",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element. Chiyu BF-630, BF-630W and BF-660C are products of Chiyu. Both the BF-630 and BF-630W are networked fingerprint access controllers. BF-660C is a network type fingerprint access control attendance machine. \nAn attacker could leverage these issues to gain unauthorized access to the affected application, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, or generate authentication credentials to impersonate legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2870"
},
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"db": "BID",
"id": "76140"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#360431",
"trust": 4.1
},
{
"db": "NVD",
"id": "CVE-2015-2870",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU91647568",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-05125",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201507-842",
"trust": 0.6
},
{
"db": "BID",
"id": "76140",
"trust": 0.3
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"db": "BID",
"id": "76140"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"id": "VAR-201508-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05125"
}
],
"trust": 1.3476190433333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05125"
}
]
},
"last_update_date": "2025-04-12T23:04:35.800000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Product Gallery",
"trust": 0.8,
"url": "http://www.chiyu-t.com.tw/pdt_list.asp?area=46\u0026cat=151"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.kb.cert.org/vuls/id/360431"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/80.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/288.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2870"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91647568/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2870"
},
{
"trust": 0.3,
"url": "http://www.chiyu-t.com.tw"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"db": "BID",
"id": "76140"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#360431"
},
{
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"db": "BID",
"id": "76140"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#360431"
},
{
"date": "2015-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"date": "2015-07-31T00:00:00",
"db": "BID",
"id": "76140"
},
{
"date": "2015-08-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"date": "2015-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"date": "2015-08-01T01:59:11.943000",
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#360431"
},
{
"date": "2015-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05125"
},
{
"date": "2015-07-31T00:00:00",
"db": "BID",
"id": "76140"
},
{
"date": "2015-08-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003958"
},
{
"date": "2015-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-842"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-2870"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chiyu Technology fingerprint access control contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#360431"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-842"
}
],
"trust": 0.6
}
}
CVE-2015-5618 (GCVE-0-2015-5618)
Vulnerability from nvd – Published: 2015-08-01 01:00 – Updated: 2024-08-06 06:59
VLAI?
Summary
Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:02.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-08-01T01:57:02",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-5618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#360431",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/360431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-5618",
"datePublished": "2015-08-01T01:00:00",
"dateReserved": "2015-07-22T00:00:00",
"dateUpdated": "2024-08-06T06:59:02.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2870 (GCVE-0-2015-2870)
Vulnerability from nvd – Published: 2015-08-01 01:00 – Updated: 2024-08-06 05:32
VLAI?
Summary
Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:20.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-08-01T01:57:02",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#360431",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/360431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2870",
"datePublished": "2015-08-01T01:00:00",
"dateReserved": "2015-04-03T00:00:00",
"dateUpdated": "2024-08-06T05:32:20.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2870 (GCVE-0-2015-2870)
Vulnerability from cvelistv5 – Published: 2015-08-01 01:00 – Updated: 2024-08-06 05:32
VLAI?
Summary
Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:20.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-08-01T01:57:02",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#360431",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/360431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2870",
"datePublished": "2015-08-01T01:00:00",
"dateReserved": "2015-04-03T00:00:00",
"dateUpdated": "2024-08-06T05:32:20.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5618 (GCVE-0-2015-5618)
Vulnerability from cvelistv5 – Published: 2015-08-01 01:00 – Updated: 2024-08-06 06:59
VLAI?
Summary
Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:02.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-08-01T01:57:02",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#360431",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/360431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-5618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice.htm or (b) UniFinger configuration settings via a request to bf.htm, a different vulnerability than CVE-2015-2871."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#360431",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/360431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-5618",
"datePublished": "2015-08-01T01:00:00",
"dateReserved": "2015-07-22T00:00:00",
"dateUpdated": "2024-08-06T06:59:02.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}