Search criteria
38 vulnerabilities by Bosch
CVE-2023-32228 (GCVE-0-2023-32228)
Vulnerability from cvelistv5 – Published: 2024-04-11 09:05 – Updated: 2024-08-02 15:10
VLAI?
Summary
A firmware bug which may lead to misinterpretation of data in the AMC2-4WCF and AMC2-2WCF allowing an adversary to grant access to the last authorized user.
Severity ?
4.6 (Medium)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T17:46:02.475839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:31.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:25.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-391095-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-391095-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "4.9.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A firmware bug which may lead to misinterpretation of data in the AMC2-4WCF and AMC2-2WCF allowing an adversary to grant access to the last authorized user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-11T09:05:08.892Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-391095-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-391095-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-32228",
"datePublished": "2024-04-11T09:05:08.892Z",
"dateReserved": "2023-05-04T21:01:16.508Z",
"dateUpdated": "2024-08-02T15:10:25.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25002 (GCVE-0-2024-25002)
Vulnerability from cvelistv5 – Published: 2024-03-25 13:55 – Updated: 2024-08-09 16:21
VLAI?
Summary
Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows unauthorized users full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Bosch | Network Synchronizer Enterprise |
Affected:
0 , < 9.30
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-152190.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-152190.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bosch:network_synchronizer:*:*:*:*:enterprise:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_synchronizer",
"vendor": "bosch",
"versions": [
{
"lessThan": "9.30",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:bosch:network_synchronizer:*:*:*:*:standard:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_synchronizer",
"vendor": "bosch",
"versions": [
{
"lessThan": "9.30",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-25T15:01:35.742462Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T16:21:18.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Network Synchronizer Enterprise",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.30",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Network Synchronizer Standard",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.30",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows unauthorized users full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-25T13:55:15.344Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-152190.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-152190.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2024-25002",
"datePublished": "2024-03-25T13:55:15.344Z",
"dateReserved": "2024-02-02T14:30:48.249Z",
"dateUpdated": "2024-08-09T16:21:18.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35867 (GCVE-0-2023-35867)
Vulnerability from cvelistv5 – Published: 2023-12-18 12:59 – Updated: 2024-08-02 16:30
VLAI?
Summary
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks.
Severity ?
5.9 (Medium)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
0 , ≤ 12.0.0
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Configuration Manager",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "7.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Project Assistant",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Video Security Client",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.3.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BIS Video Engine",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Intelligent Insights",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.0.3.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "ONVIF Camera Event Driver Tool",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T12:59:48.604Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-35867",
"datePublished": "2023-12-18T12:59:48.604Z",
"dateReserved": "2023-06-19T09:15:32.387Z",
"dateUpdated": "2024-08-02T16:30:45.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32230 (GCVE-0-2023-32230)
Vulnerability from cvelistv5 – Published: 2023-12-18 12:58 – Updated: 2024-08-02 15:10
VLAI?
Summary
An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation.
Severity ?
7.5 (High)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | Video Recording Manager |
Affected:
0 , ≤ 04.10.0079
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Recording Manager",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "04.10.0079",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Video Streaming Gateway",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.1.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0.0.178",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
}
]
},
{
"product": "Monitorwall",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.00.0164",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "VJD-7513",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.40.0055",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "VJD-7523",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.40.0055",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T12:58:08.690Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-32230",
"datePublished": "2023-12-18T12:58:08.690Z",
"dateReserved": "2023-05-04T21:01:16.508Z",
"dateUpdated": "2024-08-02T15:10:24.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34999 (GCVE-0-2023-34999)
Vulnerability from cvelistv5 – Published: 2023-09-18 10:16 – Updated: 2024-09-25 15:35
VLAI?
Summary
A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web interface.
Severity ?
8.4 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RTS | VLink Virtual Matrix Software |
Affected:
5.0.0 , < 5.7.6
(custom)
Affected: 6.0.0 , < 6.5.0 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-893251-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-893251-BT.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:35:34.761711Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:35:46.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "VLink Virtual Matrix Software",
"vendor": "RTS",
"versions": [
{
"lessThan": "5.7.6",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
},
{
"lessThan": "6.5.0",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (\u003c 5.7.6) and v6 (\u003c 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-18T10:16:14.009Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-893251-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-893251-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-34999",
"datePublished": "2023-09-18T10:16:14.009Z",
"dateReserved": "2023-06-16T06:04:24.396Z",
"dateUpdated": "2024-09-25T15:35:46.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29241 (GCVE-0-2023-29241)
Vulnerability from cvelistv5 – Published: 2023-06-30 00:00 – Updated: 2024-11-26 19:59
VLAI?
Summary
Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network
Severity ?
8.1 (High)
CWE
- CWE-1112 - Incomplete Documentation of Program Execution
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T19:59:44.994388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T19:59:56.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1112",
"description": "CWE-1112 Incomplete Documentation of Program Execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-29241",
"datePublished": "2023-06-30T00:00:00",
"dateReserved": "2023-06-01T00:00:00",
"dateUpdated": "2024-11-26T19:59:56.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36302 (GCVE-0-2022-36302)
Vulnerability from cvelistv5 – Published: 2022-08-01 14:03 – Updated: 2024-08-03 10:00
VLAI?
Summary
File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information.
Severity ?
8.8 (High)
CWE
- CWE-641 - Improper Restriction of Names for Files and Other Resources
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Bigfish V3 (Linux)"
],
"product": "BF-OS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.83",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"PR21 (Linux)"
],
"product": "BF-OS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.83",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"VM (Windows)"
],
"product": "BF-OS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.83",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-641",
"description": "CWE-641 Improper Restriction of Names for Files and Other Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T14:03:01",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2022-36302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BF-OS",
"version": {
"version_data": [
{
"platform": "Bigfish V3 (Linux)",
"version_affected": "\u003c=",
"version_name": "3.0",
"version_value": "3.83"
},
{
"platform": "PR21 (Linux)",
"version_affected": "\u003c=",
"version_name": "3.0",
"version_value": "3.83"
},
{
"platform": "VM (Windows)",
"version_affected": "\u003c=",
"version_name": "3.0",
"version_value": "3.83"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-641 Improper Restriction of Names for Files and Other Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2022-36302",
"datePublished": "2022-08-01T14:03:43",
"dateReserved": "2022-07-19T00:00:00",
"dateUpdated": "2024-08-03T10:00:04.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36301 (GCVE-0-2022-36301)
Vulnerability from cvelistv5 – Published: 2022-08-01 14:02 – Updated: 2024-08-03 10:00
VLAI?
Summary
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password.
Severity ?
9.8 (Critical)
CWE
- CWE-521 - Weak Password Requirements
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Bigfish V3 (Linux)"
],
"product": "BF-OS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.83",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"PR21 (Linux)"
],
"product": "BF-OS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.83",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"VM (Windows)"
],
"product": "BF-OS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.83",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T14:02:31",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2022-36301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BF-OS",
"version": {
"version_data": [
{
"platform": "Bigfish V3 (Linux)",
"version_affected": "\u003c=",
"version_name": "3.0",
"version_value": "3.83"
},
{
"platform": "PR21 (Linux)",
"version_affected": "\u003c=",
"version_name": "3.0",
"version_value": "3.83"
},
{
"platform": "VM (Windows)",
"version_affected": "\u003c=",
"version_name": "3.0",
"version_value": "3.83"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-521 Weak Password Requirements"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2022-36301",
"datePublished": "2022-08-01T14:02:31",
"dateReserved": "2022-07-19T00:00:00",
"dateUpdated": "2024-08-03T10:00:04.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23863 (GCVE-0-2021-23863)
Vulnerability from cvelistv5 – Published: 2022-01-28 19:09 – Updated: 2024-09-16 18:24
VLAI?
Summary
HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacker.
Severity ?
6.1 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-844050.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacker."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-28T19:09:53",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-844050.html"
}
],
"source": {
"advisory": "BOSCH-SA-844050-BT",
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2022-01-26",
"ID": "CVE-2021-23863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacker."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-844050.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-844050.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-844050-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23863",
"datePublished": "2022-01-28T19:09:53.667620Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T18:24:00.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23843 (GCVE-0-2021-23843)
Vulnerability from cvelistv5 – Published: 2022-01-19 20:38 – Updated: 2024-09-16 23:01
VLAI?
Title
Lack of authentication mechanisms on the device
Summary
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\'s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet.
Severity ?
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "APE",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.8.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "4.9.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AMC2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2022-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\\\u0027s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-19T20:38:55",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
}
],
"source": {
"advisory": "BOSCH-SA-940448-BT",
"discovery": "EXTERNAL"
},
"title": "Lack of authentication mechanisms on the device",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2022-01-19",
"ID": "CVE-2021-23843",
"STATE": "PUBLIC",
"TITLE": "Lack of authentication mechanisms on the device"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.0"
}
]
}
},
{
"product_name": "APE",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.8.x"
}
]
}
},
{
"product_name": "BIS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.9.1"
}
]
}
},
{
"product_name": "AMC2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\\\u0027s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-940448-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23843",
"datePublished": "2022-01-19T20:38:55.465356Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T23:01:30.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23842 (GCVE-0-2021-23842)
Vulnerability from cvelistv5 – Published: 2022-01-19 20:38 – Updated: 2024-09-16 21:56
VLAI?
Title
Use of Hard-coded Cryptographic Key
Summary
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\'s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet.
Severity ?
5.7 (Medium)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "APE",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.8.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "4.9.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AMC2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2022-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\\\u0027s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-19T20:38:54",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
}
],
"source": {
"advisory": "BOSCH-SA-940448-BT",
"discovery": "EXTERNAL"
},
"title": "Use of Hard-coded Cryptographic Key",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2022-01-19",
"ID": "CVE-2021-23842",
"STATE": "PUBLIC",
"TITLE": "Use of Hard-coded Cryptographic Key"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.0"
}
]
}
},
{
"product_name": "APE",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.8.x"
}
]
}
},
{
"product_name": "BIS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.9.1"
}
]
}
},
{
"product_name": "AMC2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\\\u0027s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-321 Use of Hard-coded Cryptographic Key"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-940448-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-940448-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23842",
"datePublished": "2022-01-19T20:38:54.368368Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T21:56:51.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23859 (GCVE-0-2021-23859)
Vulnerability from cvelistv5 – Published: 2021-12-08 21:17 – Updated: 2024-09-16 19:45
VLAI?
Title
Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products
Summary
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859
Severity ?
9.1 (Critical)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
},
{
"product": "VRM Exporter",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.10.0008",
"status": "affected",
"version": "2.1",
"versionType": "custom"
}
]
},
{
"product": "APE",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.8.x.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AEC",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.9.1.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "4.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:23",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "EXTERNAL"
},
"title": "Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23859",
"STATE": "PUBLIC",
"TITLE": "Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
},
{
"product_name": "VRM Exporter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.1",
"version_value": "2.10.0008"
}
]
}
},
{
"product_name": "APE",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.8.x.x"
}
]
}
},
{
"product_name": "AEC",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.9.1.x"
}
]
}
},
{
"product_name": "BIS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.9"
},
{
"version_affected": "\u003c=",
"version_value": "4.8"
},
{
"version_affected": "\u003c=",
"version_value": "4.7"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703 Improper Check or Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23859",
"datePublished": "2021-12-08T21:17:23.528438Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T19:45:43.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6790 (GCVE-0-2020-6790)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:53 – Updated: 2024-09-17 04:25
VLAI?
Title
Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer
Summary
Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Video Streaming Gateway |
Affected:
unspecified , ≤ 6.45.10
(custom)
|
Credits
Dhiraj Mishra
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Streaming Gateway",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "6.45.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Dhiraj Mishra"
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:53:57",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6790",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Video Streaming Gateway",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "6.45.10"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dhiraj Mishra"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6790",
"datePublished": "2021-03-25T15:53:57.342668Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-17T04:25:29.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6789 (GCVE-0-2020-6789)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:53 – Updated: 2024-09-16 19:29
VLAI?
Title
Uncontrolled Search Path Element in Bosch Monitor Wall Installer
Summary
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Monitor Wall |
Affected:
unspecified , ≤ 10.00.0164
(custom)
|
Credits
Dhiraj Mishra
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Monitor Wall",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.00.0164",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Dhiraj Mishra"
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:53:03",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch Monitor Wall Installer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6789",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch Monitor Wall Installer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Monitor Wall",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "10.00.0164"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dhiraj Mishra"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6789",
"datePublished": "2021-03-25T15:53:03.874748Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T19:29:59.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6788 (GCVE-0-2020-6788)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:52 – Updated: 2024-09-16 23:56
VLAI?
Title
Uncontrolled Search Path Element in Bosch Configuration Manager Installer
Summary
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Configuration Manager |
Affected:
unspecified , ≤ 7.21.0078
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Configuration Manager",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "7.21.0078",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:52:28",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch Configuration Manager Installer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6788",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch Configuration Manager Installer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Configuration Manager",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "7.21.0078"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6788",
"datePublished": "2021-03-25T15:52:28.633005Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T23:56:16.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6787 (GCVE-0-2020-6787)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:51 – Updated: 2024-09-16 16:17
VLAI?
Title
Uncontrolled Search Path Element in Bosch Video Client installer
Summary
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Video Client |
Affected:
unspecified , ≤ 1.7.6.079
(custom)
|
Credits
Eli Paz of CyberArk
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Client",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.7.6.079",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Eli Paz of CyberArk"
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:51:52",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch Video Client installer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6787",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch Video Client installer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Video Client",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.7.6.079"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Eli Paz of CyberArk"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6787",
"datePublished": "2021-03-25T15:51:52.201429Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T16:17:43.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6786 (GCVE-0-2020-6786)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:51 – Updated: 2024-09-16 17:38
VLAI?
Title
Uncontrolled Search Path Element in Bosch Video Recording Manager Installer
Summary
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Video Recording Manager |
Affected:
3.71 and older all
Affected: 3.82 , ≤ 3.82.0055 (custom) Affected: 3.81 , ≤ 3.81.0064 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.029Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Recording Manager",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "3.71 and older all"
},
{
"lessThanOrEqual": "3.82.0055",
"status": "affected",
"version": "3.82",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.81.0064",
"status": "affected",
"version": "3.81",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:51:06",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch Video Recording Manager Installer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6786",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch Video Recording Manager Installer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Video Recording Manager",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0055"
},
{
"version_affected": "\u003c=",
"version_name": "3.81",
"version_value": "3.81.0064"
},
{
"version_affected": "=",
"version_name": "3.71 and older",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6786",
"datePublished": "2021-03-25T15:51:06.153501Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T17:38:51.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6785 (GCVE-0-2020-6785)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:49 – Updated: 2024-09-17 00:35
VLAI?
Title
Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer
Summary
Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , < 9.0.0
(custom)
Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:49:53",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6785",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "BVMS Viewer",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6785",
"datePublished": "2021-03-25T15:49:54.005154Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-17T00:35:36.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6771 (GCVE-0-2020-6771)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:48 – Updated: 2024-09-16 20:27
VLAI?
Title
Uncontrolled Search Path Element in Bosch IP Helper
Summary
Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Credits
Nir Yehoshua
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:04.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IP Helper",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.00.0008",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Nir Yehoshua"
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:48:28",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch IP Helper",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6771",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch IP Helper"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IP Helper",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.00.0008"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nir Yehoshua"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim\u0027s system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6771",
"datePublished": "2021-03-25T15:48:28.648159Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T20:27:14.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11684 (GCVE-0-2019-11684)
Vulnerability from cvelistv5 – Published: 2021-02-26 15:05 – Updated: 2024-09-17 01:22
VLAI?
Title
Improper Access Control in Bosch Video Recording Manager
Summary
Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM.
Severity ?
9.9 (Critical)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-804652.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 \u003c v3.71.0034 and v3.81 \u003c 3.81.0050; DIVAR IP 5000 3.80 \u003c 3.80.0039; BVMS all versions using VRM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-26T15:05:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-804652.html"
}
],
"source": {
"advisory": "BOSCH-SA-804652-BT",
"discovery": "INTERNAL"
},
"title": "Improper Access Control in Bosch Video Recording Manager",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2019-05-09",
"ID": "CVE-2019-11684",
"STATE": "PUBLIC",
"TITLE": "Improper Access Control in Bosch Video Recording Manager"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 \u003c v3.71.0034 and v3.81 \u003c 3.81.0050; DIVAR IP 5000 3.80 \u003c 3.80.0039; BVMS all versions using VRM."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-804652.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-804652.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-804652-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11684",
"datePublished": "2021-02-26T15:05:45.533535Z",
"dateReserved": "2019-05-02T00:00:00",
"dateUpdated": "2024-09-17T01:22:05.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6780 (GCVE-0-2020-6780)
Vulnerability from cvelistv5 – Published: 2021-01-25 18:41 – Updated: 2024-09-17 01:11
VLAI?
Title
Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server
Summary
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
Severity ?
4.4 (Medium)
CWE
- CWE-916 - Use of Password Hash With Insufficient Computational Effort
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FSM-2500",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FSM-5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-25T18:41:41",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html"
}
],
"source": {
"advisory": "BOSCH-SA-332072-BT",
"discovery": "INTERNAL"
},
"title": "Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-01-20",
"ID": "CVE-2020-6780",
"STATE": "PUBLIC",
"TITLE": "Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FSM-2500",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "5.2"
}
]
}
},
{
"product_name": "FSM-5000",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "5.2"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-916 Use of Password Hash With Insufficient Computational Effort"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html",
"refsource": "MISC",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-332072-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6780",
"datePublished": "2021-01-25T18:41:41.783722Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-17T01:11:14.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6781 (GCVE-0-2020-6781)
Vulnerability from cvelistv5 – Published: 2020-09-16 18:10 – Updated: 2024-09-16 17:14
VLAI?
Title
Improper Certificate Validation in Bosch Smart Home System App for iOS
Summary
Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack.
Severity ?
6.8 (Medium)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Smart Home |
Affected:
unspecified , < 9.17.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-347336.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"iOS"
],
"product": "Smart Home",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.17.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-16T18:10:43",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-347336.html"
}
],
"source": {
"advisory": "BOSCH-SA-347336",
"discovery": "INTERNAL"
},
"title": "Improper Certificate Validation in Bosch Smart Home System App for iOS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2020-08-25T00:00:00.000Z",
"ID": "CVE-2020-6781",
"STATE": "PUBLIC",
"TITLE": "Improper Certificate Validation in Bosch Smart Home System App for iOS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Home",
"version": {
"version_data": [
{
"platform": "iOS",
"version_affected": "\u003c",
"version_value": "9.17.1"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-347336.html",
"refsource": "MISC",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-347336.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-347336",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6781",
"datePublished": "2020-09-16T18:10:43.568646Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T17:14:05.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6774 (GCVE-0-2020-6774)
Vulnerability from cvelistv5 – Published: 2020-05-27 16:38 – Updated: 2024-09-16 22:56
VLAI?
Title
Kiosk Mode Breakout in Bosch Recording Station
Summary
Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system.
Severity ?
9.3 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Bosch Recording Station |
Affected:
All
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:04.728Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-363824-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Bosch Recording Station",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"datePublic": "2020-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-27T16:38:02",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-363824-BT.html"
}
],
"source": {
"advisory": "BOSCH-SA-363824-BT",
"discovery": "INTERNAL"
},
"title": "Kiosk Mode Breakout in Bosch Recording Station",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2020-05-27T00:00:00.000Z",
"ID": "CVE-2020-6774",
"STATE": "PUBLIC",
"TITLE": "Kiosk Mode Breakout in Bosch Recording Station"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bosch Recording Station",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-363824-BT.html",
"refsource": "MISC",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-363824-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-363824-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6774",
"datePublished": "2020-05-27T16:38:02.719482Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T22:56:04.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6769 (GCVE-0-2020-6769)
Vulnerability from cvelistv5 – Published: 2020-02-07 19:57 – Updated: 2024-09-16 21:03
VLAI?
Title
Missing Authentication for Critical Function in Bosch Video Streaming Gateway
Summary
Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded video data of all cameras configured to be controlled by the VSG as well as the recording storage associated with the VSG. This affects Bosch Video Streaming Gateway versions 6.45 <= 6.45.08, 6.44 <= 6.44.022, 6.43 <= 6.43.0023 and 6.42.10 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable VSG version is installed with BVMS. This affects Bosch DIVAR IP 2000 <= 3.62.0019 and DIVAR IP 5000 <= 3.80.0039 if the corresponding port 8023 has been opened in the device's firewall.
Severity ?
10 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | DIVAR IP 2000 |
Affected:
unspecified , ≤ 3.62.0019
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:04.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-260625-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DIVAR IP 2000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.62.0019",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.80.0039",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Video Streaming Gateway",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "6.45.08",
"status": "affected",
"version": "6.45",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.44.0030",
"status": "affected",
"version": "6.44",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.43.0023",
"status": "affected",
"version": "6.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.42.10",
"status": "affected",
"version": "6.42 and older",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 3000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"product": "DIVAR IP 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"datePublic": "2020-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded video data of all cameras configured to be controlled by the VSG as well as the recording storage associated with the VSG. This affects Bosch Video Streaming Gateway versions 6.45 \u003c= 6.45.08, 6.44 \u003c= 6.44.022, 6.43 \u003c= 6.43.0023 and 6.42.10 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable VSG version is installed with BVMS. This affects Bosch DIVAR IP 2000 \u003c= 3.62.0019 and DIVAR IP 5000 \u003c= 3.80.0039 if the corresponding port 8023 has been opened in the device\u0027s firewall."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-07T19:57:12",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-260625-BT.html"
}
],
"source": {
"advisory": "BOSCH-SA-260625-BT",
"discovery": "INTERNAL"
},
"title": "Missing Authentication for Critical Function in Bosch Video Streaming Gateway",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2020-01-29T13:00:00.000Z",
"ID": "CVE-2020-6769",
"STATE": "PUBLIC",
"TITLE": "Missing Authentication for Critical Function in Bosch Video Streaming Gateway"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DIVAR IP 2000",
"version": {
"version_data": [
{
"configuration": "port 8023 on device\u0027s firewall opened explicitly and vulnerable VSG version installed",
"version_affected": "\u003c=",
"version_value": "3.62.0019"
}
]
}
},
{
"product_name": "DIVAR IP 5000",
"version": {
"version_data": [
{
"configuration": "port 8023 on device\u0027s firewall opened explicitly and vulnerable VSG version installed",
"version_affected": "\u003c=",
"version_value": "3.80.0039"
}
]
}
},
{
"product_name": "Video Streaming Gateway",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "6.45",
"version_value": "6.45.08"
},
{
"version_affected": "\u003c=",
"version_name": "6.44",
"version_value": "6.44.0030"
},
{
"version_affected": "\u003c=",
"version_name": "6.43",
"version_value": "6.43.0023"
},
{
"version_affected": "\u003c=",
"version_name": "6.42 and older",
"version_value": "6.42.10"
}
]
}
},
{
"product_name": "DIVAR IP 3000",
"version": {
"version_data": [
{
"configuration": "vulnerable VSG version installed",
"version_affected": "=",
"version_value": "All"
}
]
}
},
{
"product_name": "DIVAR IP 7000",
"version": {
"version_data": [
{
"configuration": "vulnerable VSG version installed",
"version_affected": "=",
"version_value": "All"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "vulnerable VSG version installed",
"version_affected": "=",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded video data of all cameras configured to be controlled by the VSG as well as the recording storage associated with the VSG. This affects Bosch Video Streaming Gateway versions 6.45 \u003c= 6.45.08, 6.44 \u003c= 6.44.022, 6.43 \u003c= 6.43.0023 and 6.42.10 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable VSG version is installed with BVMS. This affects Bosch DIVAR IP 2000 \u003c= 3.62.0019 and DIVAR IP 5000 \u003c= 3.80.0039 if the corresponding port 8023 has been opened in the device\u0027s firewall."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-260625-BT.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-260625-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-260625-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6769",
"datePublished": "2020-02-07T19:57:12.914579Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-16T21:03:26.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11899 (GCVE-0-2019-11899)
Vulnerability from cvelistv5 – Published: 2019-09-12 18:30 – Updated: 2024-09-17 02:17
VLAI?
Summary
An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8, client installations need to be authorized by the APE administrator.
Severity ?
8.8 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Access Professional Edition |
Affected:
unspecified , ≤ 3.7
(custom)
|
Credits
Oleksii Orekhov
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:29.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-844044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Professional Edition",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oleksii Orekhov"
}
],
"datePublic": "2019-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8, client installations need to be authorized by the APE administrator."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-12T18:30:58",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-844044.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2019-09-11T00:00:00.000Z",
"ID": "CVE-2019-11899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Professional Edition",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.7"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Oleksii Orekhov"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8, client installations need to be authorized by the APE administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-SA-844044.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-844044.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2019-11899",
"datePublished": "2019-09-12T18:30:58.728052Z",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-09-17T02:17:02.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11898 (GCVE-0-2019-11898)
Vulnerability from cvelistv5 – Published: 2019-09-12 18:23 – Updated: 2024-09-17 04:09
VLAI?
Summary
Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8.
Severity ?
9.9 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | Access Professional Edition |
Affected:
unspecified , ≤ 3.7
(custom)
|
Credits
Oleksii Orekhov
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:29.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-710832.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Professional Edition",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oleksii Orekhov"
}
],
"datePublic": "2019-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-12T18:23:21",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-710832.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2019-09-11T00:00:00.000Z",
"ID": "CVE-2019-11898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Professional Edition",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.7"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Oleksii Orekhov"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-SA-710832.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-710832.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2019-11898",
"datePublished": "2019-09-12T18:23:21.989608Z",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-09-17T04:09:20.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11603 (GCVE-0-2019-11603)
Vulnerability from cvelistv5 – Published: 2019-08-21 19:29 – Updated: 2024-09-16 23:46
VLAI?
Title
Path traversal in ProSyst mBS SDK and Bosch IoT Gateway Software
Summary
A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Philip Kazmeier
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philip Kazmeier"
}
],
"datePublic": "2019-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T19:29:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
},
"title": "Path traversal in ProSyst mBS SDK and Bosch IoT Gateway Software",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2019-08-19T00:00:00.000Z",
"ID": "CVE-2019-11603",
"STATE": "PUBLIC",
"TITLE": "Path traversal in ProSyst mBS SDK and Bosch IoT Gateway Software"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Philip Kazmeier"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11603",
"datePublished": "2019-08-21T19:29:23.032959Z",
"dateReserved": "2019-04-30T00:00:00",
"dateUpdated": "2024-09-16T23:46:18.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11602 (GCVE-0-2019-11602)
Vulnerability from cvelistv5 – Published: 2019-08-21 19:21 – Updated: 2024-09-17 00:56
VLAI?
Title
Leakage of stack traces in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software
Summary
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Philip Kazmeier
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philip Kazmeier"
}
],
"datePublic": "2019-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Leakage of stack traces in remote access to backup \u0026 restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T19:21:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
},
"title": "Leakage of stack traces in the backup \u0026 restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2019-08-19T00:00:00.000Z",
"ID": "CVE-2019-11602",
"STATE": "PUBLIC",
"TITLE": "Leakage of stack traces in the backup \u0026 restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Philip Kazmeier"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Leakage of stack traces in remote access to backup \u0026 restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11602",
"datePublished": "2019-08-21T19:21:38.452272Z",
"dateReserved": "2019-04-30T00:00:00",
"dateUpdated": "2024-09-17T00:56:40.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11601 (GCVE-0-2019-11601)
Vulnerability from cvelistv5 – Published: 2019-08-21 19:09 – Updated: 2024-09-16 17:59
VLAI?
Title
Path traversal in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software
Summary
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.
Severity ?
9.1 (Critical)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Philip Kazmeier
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philip Kazmeier"
}
],
"datePublic": "2019-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability in remote access to backup \u0026 restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T19:09:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
},
"title": "Path traversal in the backup \u0026 restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2019-08-19T00:00:00.000Z",
"ID": "CVE-2019-11601",
"STATE": "PUBLIC",
"TITLE": "Path traversal in the backup \u0026 restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Philip Kazmeier"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability in remote access to backup \u0026 restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11601",
"datePublished": "2019-08-21T19:09:01.029744Z",
"dateReserved": "2019-04-30T00:00:00",
"dateUpdated": "2024-09-16T17:59:22.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11897 (GCVE-0-2019-11897)
Vulnerability from cvelistv5 – Published: 2019-08-21 17:09 – Updated: 2024-09-17 03:55
VLAI?
Title
Server-side request forgery in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software
Summary
A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to read sensitive zip files from the local server.
Severity ?
8.6 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Bosch | IoT Gateway Software |
Affected:
unspecified , < 9.3.0
(custom)
|
||
Credits
Philip Kazmeier
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:29.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IoT Gateway Software",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "mBS SDK",
"vendor": "ProSyst",
"versions": [
{
"lessThan": "8.2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philip Kazmeier"
}
],
"datePublic": "2019-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) vulnerability in the backup \u0026 restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to read sensitive zip files from the local server."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T17:09:52",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
],
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
},
"title": "Server-side request forgery in the backup \u0026 restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2019-08-19T00:00:00.000Z",
"ID": "CVE-2019-11897",
"STATE": "PUBLIC",
"TITLE": "Server-side request forgery in the backup \u0026 restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IoT Gateway Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.3.0"
}
]
}
}
]
},
"vendor_name": "Bosch"
},
{
"product": {
"product_data": [
{
"product_name": "mBS SDK",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.2.6"
}
]
}
}
]
},
"vendor_name": "ProSyst"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Philip Kazmeier"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Server-Side Request Forgery (SSRF) vulnerability in the backup \u0026 restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to read sensitive zip files from the local server."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-562575.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-562575",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2019-11897",
"datePublished": "2019-08-21T17:09:52.545972Z",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-09-17T03:55:02.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}