Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for xvr5x04_firmware by dahuasecurity

    CVE-2017-9317 (GCVE-0-2017-9317)

    Vulnerability from nvd – Published: 2018-05-23 15:00 – Updated: 2024-09-16 19:36
    VLAI
    Summary
    Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device.
    Severity
    No CVSS data available.
    CWE
    • Privilege escalation
    Assigner
    References
    Impacted products
    Date Public
    2018-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T17:02:44.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX",
              "vendor": "Dahua Technologies",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build before 2017/09"
                }
              ]
            }
          ],
          "datePublic": "2018-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Privilege escalation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-23T14:57:01.000Z",
            "orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad",
            "shortName": "dahua"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@dahuatech.com",
              "DATE_PUBLIC": "2018-03-16T00:00:00",
              "ID": "CVE-2017-9317",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Build before 2017/09"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Dahua Technologies"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Privilege escalation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337",
                  "refsource": "CONFIRM",
                  "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad",
        "assignerShortName": "dahua",
        "cveId": "CVE-2017-9317",
        "datePublished": "2018-05-23T15:00:00.000Z",
        "dateReserved": "2017-05-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:36:50.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-9317 (GCVE-0-2017-9317)

    Vulnerability from cvelistv5 – Published: 2018-05-23 15:00 – Updated: 2024-09-16 19:36
    VLAI
    Summary
    Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device.
    Severity
    No CVSS data available.
    CWE
    • Privilege escalation
    Assigner
    References
    Impacted products
    Date Public
    2018-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T17:02:44.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX",
              "vendor": "Dahua Technologies",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build before 2017/09"
                }
              ]
            }
          ],
          "datePublic": "2018-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Privilege escalation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-23T14:57:01.000Z",
            "orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad",
            "shortName": "dahua"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@dahuatech.com",
              "DATE_PUBLIC": "2018-03-16T00:00:00",
              "ID": "CVE-2017-9317",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Build before 2017/09"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Dahua Technologies"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Privilege escalation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337",
                  "refsource": "CONFIRM",
                  "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad",
        "assignerShortName": "dahua",
        "cveId": "CVE-2017-9317",
        "datePublished": "2018-05-23T15:00:00.000Z",
        "dateReserved": "2017-05-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:36:50.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }