Search
Find a vulnerability
Search criteria
6 vulnerabilities found for video_insight_vms by panasonic
CVE-2021-20623 (GCVE-0-2021-20623)
Vulnerability from nvd – Published: 2021-02-05 09:35 – Updated: 2024-08-03 17:45
VLAI
Summary
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.
Severity
No CVSS data available.
CWE
- Remote code execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://downloadvi.com/downloads/IPServer/v7.8/780… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN42252698/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Panasonic Corporation | Video Insight VMS |
Affected:
versions prior to 7.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Insight VMS",
"vendor": "Panasonic Corporation",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-05T09:35:22.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Video Insight VMS",
"version": {
"version_data": [
{
"version_value": "versions prior to 7.8"
}
]
}
}
]
},
"vendor_name": "Panasonic Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf",
"refsource": "MISC",
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"name": "https://jvn.jp/en/jp/JVN42252698/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2021-20623",
"datePublished": "2021-02-05T09:35:23.000Z",
"dateReserved": "2020-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T17:45:44.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5997 (GCVE-0-2019-5997)
Vulnerability from nvd – Published: 2020-05-20 10:15 – Updated: 2024-08-04 20:09
VLAI
Summary
Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors.
Severity
No CVSS data available.
CWE
- Code injection
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Panasonic Corporation | Video Insight VMS |
Affected:
prior to 7.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:24.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://downloadvi.com/downloads/IPServer/v7.6/76148/v76148RN.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN96646182/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Insight VMS",
"vendor": "Panasonic Corporation",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:57:55.842Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "http://downloadvi.com/downloads/IPServer/v7.6/76148/v76148RN.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN96646182/index.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-5997",
"datePublished": "2020-05-20T10:15:21.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:24.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5996 (GCVE-0-2019-5996)
Vulnerability from nvd – Published: 2019-09-12 15:58 – Updated: 2024-08-04 20:09
VLAI
Summary
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN93833849/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Video Insight VMS | 7.3.2.5 and earlier |
Affected:
remote authenticated attackers
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:23.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN93833849/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "7.3.2.5 and earlier",
"vendor": "Video Insight VMS",
"versions": [
{
"status": "affected",
"version": "remote authenticated attackers"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-12T15:58:55.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN93833849/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-5996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "7.3.2.5 and earlier",
"version": {
"version_data": [
{
"version_value": "remote authenticated attackers"
}
]
}
}
]
},
"vendor_name": "Video Insight VMS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://jvn.jp/en/jp/JVN93833849/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN93833849/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-5996",
"datePublished": "2019-09-12T15:58:55.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:23.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20623 (GCVE-0-2021-20623)
Vulnerability from cvelistv5 – Published: 2021-02-05 09:35 – Updated: 2024-08-03 17:45
VLAI
Summary
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.
Severity
No CVSS data available.
CWE
- Remote code execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://downloadvi.com/downloads/IPServer/v7.8/780… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN42252698/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Panasonic Corporation | Video Insight VMS |
Affected:
versions prior to 7.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Insight VMS",
"vendor": "Panasonic Corporation",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-05T09:35:22.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Video Insight VMS",
"version": {
"version_data": [
{
"version_value": "versions prior to 7.8"
}
]
}
}
]
},
"vendor_name": "Panasonic Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf",
"refsource": "MISC",
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"name": "https://jvn.jp/en/jp/JVN42252698/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2021-20623",
"datePublished": "2021-02-05T09:35:23.000Z",
"dateReserved": "2020-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T17:45:44.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5997 (GCVE-0-2019-5997)
Vulnerability from cvelistv5 – Published: 2020-05-20 10:15 – Updated: 2024-08-04 20:09
VLAI
Summary
Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors.
Severity
No CVSS data available.
CWE
- Code injection
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Panasonic Corporation | Video Insight VMS |
Affected:
prior to 7.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:24.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://downloadvi.com/downloads/IPServer/v7.6/76148/v76148RN.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN96646182/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Insight VMS",
"vendor": "Panasonic Corporation",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T02:57:55.842Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "http://downloadvi.com/downloads/IPServer/v7.6/76148/v76148RN.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN96646182/index.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-5997",
"datePublished": "2020-05-20T10:15:21.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:24.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5996 (GCVE-0-2019-5996)
Vulnerability from cvelistv5 – Published: 2019-09-12 15:58 – Updated: 2024-08-04 20:09
VLAI
Summary
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN93833849/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Video Insight VMS | 7.3.2.5 and earlier |
Affected:
remote authenticated attackers
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:23.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN93833849/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "7.3.2.5 and earlier",
"vendor": "Video Insight VMS",
"versions": [
{
"status": "affected",
"version": "remote authenticated attackers"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-12T15:58:55.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN93833849/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-5996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "7.3.2.5 and earlier",
"version": {
"version_data": [
{
"version_value": "remote authenticated attackers"
}
]
}
}
]
},
"vendor_name": "Video Insight VMS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://jvn.jp/en/jp/JVN93833849/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN93833849/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-5996",
"datePublished": "2019-09-12T15:58:55.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:23.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}