Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for p1_firmware by kiloview

    CVE-2023-41922 (GCVE-0-2023-41922)

    Vulnerability from nvd – Published: 2024-07-02 07:42 – Updated: 2024-08-02 19:09
    VLAI
    Title
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Kiloview P1/P2 devices
    Summary
    A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack adequate input validation, resulting in multiple instances of Stored XSS vulnerabilities.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Kiloview P1/P2 Affected: All , ≤ 4.8.2605 (custom)
    Create a notification for this product.
    kiloview p1_4g_video_encoder_firmware Affected: 0 , ≤ 4.8.2605 (custom)
        cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    kiloview p2_4g_video_encoder_firmware Affected: 0 , ≤ 4.8.2605 (custom)
        cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p1_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "4.8.2605",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p2_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "4.8.2605",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41922",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-02T14:01:30.394306Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-02T14:05:45.133Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:09:49.427Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "P1/P2",
              "vendor": "Kiloview",
              "versions": [
                {
                  "lessThanOrEqual": "4.8.2605",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA \u0027Cross-site Scripting\u0027 (XSS) vulnerability, characterized by improper\ninput neutralization during web page generation, has been discovered. This vulnerability allows for\nStored XSS attacks to occur. Multiple areas within the administration interface\nof the webserver lack adequate input validation, resulting in multiple\ninstances of Stored XSS vulnerabilities.\u003c/p\u003e\n\n\n\n\n\n"
                }
              ],
              "value": "A \u0027Cross-site Scripting\u0027 (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack adequate input validation, resulting in multiple instances of Stored XSS vulnerabilities."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-02T08:21:00.778Z",
            "orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
            "shortName": "NCSC-NL"
          },
          "references": [
            {
              "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in Kiloview P1/P2 devices"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
        "assignerShortName": "NCSC-NL",
        "cveId": "CVE-2023-41922",
        "datePublished": "2024-07-02T07:42:42.031Z",
        "dateReserved": "2023-09-05T10:14:50.216Z",
        "dateUpdated": "2024-08-02T19:09:49.427Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41919 (GCVE-0-2023-41919)

    Vulnerability from nvd – Published: 2024-07-02 07:42 – Updated: 2024-08-02 19:09
    VLAI
    Title
    Use of Hard-coded Credentials in Kiloview P1/P2 devices
    Summary
    Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Kiloview P1/P2 Affected: All , ≤ 4.8.2605 (custom)
    Create a notification for this product.
    kiloview p1_4g_video_encoder_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    kiloview p2_4g_video_encoder_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p1_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p2_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41919",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-02T10:53:12.633052Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-02T10:53:17.253Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:09:49.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "P1/P2",
              "vendor": "Kiloview",
              "versions": [
                {
                  "lessThanOrEqual": "4.8.2605",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eHardcoded credentials are discovered within the application\u0027s source code, creating a potential security risk for unauthorized access.\u003c/p\u003e\n\n\n\n\n\n"
                }
              ],
              "value": "Hardcoded credentials are discovered within the application\u0027s source code, creating a potential security risk for unauthorized access."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-70",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-02T08:20:21.516Z",
            "orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
            "shortName": "NCSC-NL"
          },
          "references": [
            {
              "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Use of Hard-coded Credentials in Kiloview P1/P2 devices"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
        "assignerShortName": "NCSC-NL",
        "cveId": "CVE-2023-41919",
        "datePublished": "2024-07-02T07:42:16.318Z",
        "dateReserved": "2023-09-05T10:14:50.216Z",
        "dateUpdated": "2024-08-02T19:09:49.323Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41922 (GCVE-0-2023-41922)

    Vulnerability from cvelistv5 – Published: 2024-07-02 07:42 – Updated: 2024-08-02 19:09
    VLAI
    Title
    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Kiloview P1/P2 devices
    Summary
    A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack adequate input validation, resulting in multiple instances of Stored XSS vulnerabilities.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Kiloview P1/P2 Affected: All , ≤ 4.8.2605 (custom)
    Create a notification for this product.
    kiloview p1_4g_video_encoder_firmware Affected: 0 , ≤ 4.8.2605 (custom)
        cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    kiloview p2_4g_video_encoder_firmware Affected: 0 , ≤ 4.8.2605 (custom)
        cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p1_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "4.8.2605",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p2_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "4.8.2605",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41922",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-02T14:01:30.394306Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-02T14:05:45.133Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:09:49.427Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "P1/P2",
              "vendor": "Kiloview",
              "versions": [
                {
                  "lessThanOrEqual": "4.8.2605",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA \u0027Cross-site Scripting\u0027 (XSS) vulnerability, characterized by improper\ninput neutralization during web page generation, has been discovered. This vulnerability allows for\nStored XSS attacks to occur. Multiple areas within the administration interface\nof the webserver lack adequate input validation, resulting in multiple\ninstances of Stored XSS vulnerabilities.\u003c/p\u003e\n\n\n\n\n\n"
                }
              ],
              "value": "A \u0027Cross-site Scripting\u0027 (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack adequate input validation, resulting in multiple instances of Stored XSS vulnerabilities."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-02T08:21:00.778Z",
            "orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
            "shortName": "NCSC-NL"
          },
          "references": [
            {
              "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in Kiloview P1/P2 devices"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
        "assignerShortName": "NCSC-NL",
        "cveId": "CVE-2023-41922",
        "datePublished": "2024-07-02T07:42:42.031Z",
        "dateReserved": "2023-09-05T10:14:50.216Z",
        "dateUpdated": "2024-08-02T19:09:49.427Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41919 (GCVE-0-2023-41919)

    Vulnerability from cvelistv5 – Published: 2024-07-02 07:42 – Updated: 2024-08-02 19:09
    VLAI
    Title
    Use of Hard-coded Credentials in Kiloview P1/P2 devices
    Summary
    Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Kiloview P1/P2 Affected: All , ≤ 4.8.2605 (custom)
    Create a notification for this product.
    kiloview p1_4g_video_encoder_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    kiloview p2_4g_video_encoder_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p1_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p1_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:kiloview:p2_4g_video_encoder_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "p2_4g_video_encoder_firmware",
                "vendor": "kiloview",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41919",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-02T10:53:12.633052Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-02T10:53:17.253Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:09:49.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "P1/P2",
              "vendor": "Kiloview",
              "versions": [
                {
                  "lessThanOrEqual": "4.8.2605",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eHardcoded credentials are discovered within the application\u0027s source code, creating a potential security risk for unauthorized access.\u003c/p\u003e\n\n\n\n\n\n"
                }
              ],
              "value": "Hardcoded credentials are discovered within the application\u0027s source code, creating a potential security risk for unauthorized access."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-70",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-02T08:20:21.516Z",
            "orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
            "shortName": "NCSC-NL"
          },
          "references": [
            {
              "url": "https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Use of Hard-coded Credentials in Kiloview P1/P2 devices"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
        "assignerShortName": "NCSC-NL",
        "cveId": "CVE-2023-41919",
        "datePublished": "2024-07-02T07:42:16.318Z",
        "dateReserved": "2023-09-05T10:14:50.216Z",
        "dateUpdated": "2024-08-02T19:09:49.323Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }