Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-13523 (GCVE-0-2019-13523)
Vulnerability from cvelistv5 – Published: 2019-09-26 14:22 – Updated: 2024-08-04 23:57- CWE-200 - INFORMATION EXPOSURE CWE-200
| URL | Tags |
|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-260-03 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Honeywell | Performance IP Cameras |
Affected:
HBD3PR2
Affected: H4D3PRV3 Affected: HED3PR3 Affected: H4D3PRV2 Affected: HBD3PR1 Affected: H4W8PR2 Affected: HBW8PR2 Affected: H2W2PC1M Affected: H2W4PER3 Affected: H2W2PER3 Affected: HEW2PER3 Affected: HEW4PER3B Affected: HBW2PER1 Affected: HEW4PER2 Affected: HEW4PER2B Affected: HEW2PER2 Affected: H4W2PER2 Affected: HBW2PER2 Affected: H4W2PER3 Affected: HPW2P1 |
|
| Honeywell | Performance NVRs |
Affected:
HEN08104
Affected: HEN08144 Affected: HEN081124 Affected: HEN16104 Affected: HEN16144 Affected: HEN16184 Affected: HEN16204 Affected: HEN162244 Affected: HEN16284 Affected: HEN16304 Affected: HEN16384 Affected: HEN32104 Affected: HEN321124 Affected: HEN32204 Affected: HEN32284 Affected: HEN322164 Affected: HEN32304 Affected: HEN32384 Affected: HEN323164 Affected: HEN64204 Affected: HEN64304 Affected: HEN643164 Affected: HEN643324 Affected: HEN643484 Affected: HEN04103 Affected: HEN04113 Affected: HEN04123 Affected: HEN08103 Affected: HEN08113 Affected: HEN08123 Affected: HEN08143 Affected: HEN16103 Affected: HEN16123 Affected: HEN16143 Affected: HEN16163 Affected: HEN04103L Affected: HEN08103L Affected: HEN16103L Affected: HEN32103L |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Performance IP Cameras",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "HBD3PR2"
},
{
"status": "affected",
"version": "H4D3PRV3"
},
{
"status": "affected",
"version": "HED3PR3"
},
{
"status": "affected",
"version": "H4D3PRV2"
},
{
"status": "affected",
"version": "HBD3PR1"
},
{
"status": "affected",
"version": "H4W8PR2"
},
{
"status": "affected",
"version": "HBW8PR2"
},
{
"status": "affected",
"version": "H2W2PC1M"
},
{
"status": "affected",
"version": "H2W4PER3"
},
{
"status": "affected",
"version": "H2W2PER3"
},
{
"status": "affected",
"version": "HEW2PER3"
},
{
"status": "affected",
"version": "HEW4PER3B"
},
{
"status": "affected",
"version": "HBW2PER1"
},
{
"status": "affected",
"version": "HEW4PER2"
},
{
"status": "affected",
"version": "HEW4PER2B"
},
{
"status": "affected",
"version": "HEW2PER2"
},
{
"status": "affected",
"version": "H4W2PER2"
},
{
"status": "affected",
"version": "HBW2PER2"
},
{
"status": "affected",
"version": "H4W2PER3"
},
{
"status": "affected",
"version": "HPW2P1"
}
]
},
{
"product": "Performance NVRs",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "HEN08104"
},
{
"status": "affected",
"version": "HEN08144"
},
{
"status": "affected",
"version": "HEN081124"
},
{
"status": "affected",
"version": "HEN16104"
},
{
"status": "affected",
"version": "HEN16144"
},
{
"status": "affected",
"version": "HEN16184"
},
{
"status": "affected",
"version": "HEN16204"
},
{
"status": "affected",
"version": "HEN162244"
},
{
"status": "affected",
"version": "HEN16284"
},
{
"status": "affected",
"version": "HEN16304"
},
{
"status": "affected",
"version": "HEN16384"
},
{
"status": "affected",
"version": "HEN32104"
},
{
"status": "affected",
"version": "HEN321124"
},
{
"status": "affected",
"version": "HEN32204"
},
{
"status": "affected",
"version": "HEN32284"
},
{
"status": "affected",
"version": "HEN322164"
},
{
"status": "affected",
"version": "HEN32304"
},
{
"status": "affected",
"version": "HEN32384"
},
{
"status": "affected",
"version": "HEN323164"
},
{
"status": "affected",
"version": "HEN64204"
},
{
"status": "affected",
"version": "HEN64304"
},
{
"status": "affected",
"version": "HEN643164"
},
{
"status": "affected",
"version": "HEN643324"
},
{
"status": "affected",
"version": "HEN643484"
},
{
"status": "affected",
"version": "HEN04103"
},
{
"status": "affected",
"version": "HEN04113"
},
{
"status": "affected",
"version": "HEN04123"
},
{
"status": "affected",
"version": "HEN08103"
},
{
"status": "affected",
"version": "HEN08113"
},
{
"status": "affected",
"version": "HEN08123"
},
{
"status": "affected",
"version": "HEN08143"
},
{
"status": "affected",
"version": "HEN16103"
},
{
"status": "affected",
"version": "HEN16123"
},
{
"status": "affected",
"version": "HEN16143"
},
{
"status": "affected",
"version": "HEN16163"
},
{
"status": "affected",
"version": "HEN04103L"
},
{
"status": "affected",
"version": "HEN08103L"
},
{
"status": "affected",
"version": "HEN16103L"
},
{
"status": "affected",
"version": "HEN32103L"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "INFORMATION EXPOSURE CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-26T14:22:59.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Performance IP Cameras",
"version": {
"version_data": [
{
"version_value": "HBD3PR2"
},
{
"version_value": "H4D3PRV3"
},
{
"version_value": "HED3PR3"
},
{
"version_value": "H4D3PRV2"
},
{
"version_value": "HBD3PR1"
},
{
"version_value": "H4W8PR2"
},
{
"version_value": "HBW8PR2"
},
{
"version_value": "H2W2PC1M"
},
{
"version_value": "H2W4PER3"
},
{
"version_value": "H2W2PER3"
},
{
"version_value": "HEW2PER3"
},
{
"version_value": "HEW4PER3B"
},
{
"version_value": "HBW2PER1"
},
{
"version_value": "HEW4PER2"
},
{
"version_value": "HEW4PER2B"
},
{
"version_value": "HEW2PER2"
},
{
"version_value": "H4W2PER2"
},
{
"version_value": "HBW2PER2"
},
{
"version_value": "H4W2PER3"
},
{
"version_value": "HPW2P1"
}
]
}
},
{
"product_name": "Performance NVRs",
"version": {
"version_data": [
{
"version_value": "HEN08104"
},
{
"version_value": "HEN08144"
},
{
"version_value": "HEN081124"
},
{
"version_value": "HEN16104"
},
{
"version_value": "HEN16144"
},
{
"version_value": "HEN16184"
},
{
"version_value": "HEN16204"
},
{
"version_value": "HEN162244"
},
{
"version_value": "HEN16284"
},
{
"version_value": "HEN16304"
},
{
"version_value": "HEN16384"
},
{
"version_value": "HEN32104"
},
{
"version_value": "HEN321124"
},
{
"version_value": "HEN32204"
},
{
"version_value": "HEN32284"
},
{
"version_value": "HEN322164"
},
{
"version_value": "HEN32304"
},
{
"version_value": "HEN32384"
},
{
"version_value": "HEN323164"
},
{
"version_value": "HEN64204"
},
{
"version_value": "HEN64304"
},
{
"version_value": "HEN643164"
},
{
"version_value": "HEN643324"
},
{
"version_value": "HEN643484"
},
{
"version_value": "HEN04103"
},
{
"version_value": "HEN04113"
},
{
"version_value": "HEN04123"
},
{
"version_value": "HEN08103"
},
{
"version_value": "HEN08113"
},
{
"version_value": "HEN08123"
},
{
"version_value": "HEN08143"
},
{
"version_value": "HEN16103"
},
{
"version_value": "HEN16123"
},
{
"version_value": "HEN16143"
},
{
"version_value": "HEN16163"
},
{
"version_value": "HEN04103L"
},
{
"version_value": "HEN08103L"
},
{
"version_value": "HEN16103L"
},
{
"version_value": "HEN32103L"
}
]
}
}
]
},
"vendor_name": "Honeywell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INFORMATION EXPOSURE CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13523",
"datePublished": "2019-09-26T14:22:59.000Z",
"dateReserved": "2019-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:57:39.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-13523",
"date": "2026-07-01",
"epss": "0.0183",
"percentile": "0.76217"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-13523\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2019-09-26T16:15:11.067\",\"lastModified\":\"2024-11-21T04:25:04.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.\"},{\"lang\":\"es\",\"value\":\"En las c\u00e1maras IP y NVRs Honeywell Performance, el servidor web integrado de los dispositivos afectados podr\u00eda permitir a atacantes remotos obtener datos de configuraci\u00f3n web en formato JSON para c\u00e1maras IP y NVR (Network Video Recorders), que pueden ser accedidos sin autenticaci\u00f3n a trav\u00e9s de la red. C\u00e1maras IP Performance afectadas: HBD3PR2, H4D3PRV3, HED3PR3, H4D3PRV2, HBD3PR1, H4W8PR2, HBW8PR2, H2W2PC1M, H2W4PER3, H2W2PER3, HEW2PER3, HEW4PER3B, HBW2PER1, HEW4PER2, HEW4PER2B, HEW2PER2, H4W2PER2, HBW2PER2, H4W2PER3, y HPW2P1. NVRs Serie Performance afectados: HEN08104, HEN08144, HEN081124, HEN16104, HEN16144, HEN16184, HEN16204, HEN162244, HEN16284, HEN16304, HEN16384, HEN32104, HEN321124, HEN32204, HEN32284, HEN322164, HEN32304, HEN32384, HEN323164, HEN64204, HEN64304, HEN643164, HEN643324, HEN643484, HEN04103, HEN04113, HEN04123, HEN08103, HEN08113, HEN08123, HEN08143, HEN16103, HEN16123, HEN16143, HEN16163, HEN04103L, HEN08103L, HEN16103L, HEN32103L.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hbd3pr2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C97AF8-8107-438F-A0FE-6509BC285379\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hbd3pr2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"063ECCED-CF22-499F-BAAA-877F0CD1C258\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h4d3prv3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E69A7E-D62E-4FCA-95D0-B49BB650A09F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h4d3prv3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2810325F-B33A-4F6F-95BA-F9AE23B4D59D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hed3pr3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D04BCCE7-1CA7-4748-B1D0-BDBAAB0FEBAA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hed3pr3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83643D38-2A04-4955-B02C-C822C040FB87\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h4d3prv2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3347B19D-5888-4F76-BEB3-520D9B632D55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h4d3prv2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C861316-46BC-4E9C-8452-0E130B3336D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hbd3pr1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82B53790-A650-4B69-A91E-722CC736AC00\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hbd3pr1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39D05A2D-CE87-462D-B55E-BA27EE3B78F1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1B7E0C1-B599-47CA-8D71-E5A0C5AAFE1A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717A6F11-8EA5-4F9A-9F78-8E51FBFB73A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB898789-B3E5-49BB-91B8-10AA0D2056CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"687F3108-76C3-4F22-8321-59A849017886\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94A1FD71-3A35-4175-9C80-8965F3A59D9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA1EF7CE-9FA3-45DA-9047-052E27E16965\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD65833-D4DA-42D4-904A-0CC96E53E7D7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF4F78E-E768-4D54-A9A1-2C24FC49CB08\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CA4E13F-70AA-46BB-BF1D-B3797D3BD302\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBF28324-68A7-4862-A881-1187A68CA97E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"996AF0FE-AF0E-479F-8301-E55C42EE3E6B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93D344FD-0DED-4017-B339-CA3BE5E201C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9032E95-1D90-497A-A0F1-A5A3221FDF7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFF24084-97F9-4645-9C75-824217FCE8B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88C5B464-E5DD-4095-98F4-8695F7722C67\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8CA4A19-03EC-4142-B847-0EC8C14AC9D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hew4per2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1C92A07-047E-4AFF-BA53-6EDD81407F7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hew4per2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B97E873-CB5C-46FB-A91A-A67C4DDE03C8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC835EA6-56F0-4C62-9799-D8A9C661271B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA9106C1-B426-497F-835E-F0CF53139573\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FC032CC-68BE-4003-969E-A2AC07835D82\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6285BB52-C08F-4CBB-A03B-385B980A3420\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B10341D2-EF85-4067-A470-A263773DB8F7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACBD1C35-BC9F-471B-AFE9-56F2C0D31251\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BBC2DE-1191-43D8-8898-AE832157D689\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F272578E-2BF9-4827-8838-BF2441F7CD9C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47754C91-13A3-4096-A9D5-5F1C8BB996F2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DD7DF8D-F530-4C08-8ADB-16A30A411DB1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D70E51AC-7B3C-4FD3-BBDF-7F42ACD86B48\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"414E3927-B8A6-4E57-972A-27DA0163167E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08104_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"093252D9-1A3E-4B76-8F65-0FEE05615DC1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF66A77-A007-4632-82BB-2E429EF2AA27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08144_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61349DE2-23AB-45B4-BCB2-D1333E43E42B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08144:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9AC3DBF-7DC5-4598-89F8-6E1C9152FB7F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen081124_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A477EBB3-A237-4A9D-9BD2-9A4BA35B5543\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen081124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF53058-BA72-43EB-A11E-A274B9FF7EC3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16104_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EFA83DD-986C-428F-A640-05B576A38FBF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37E41A6-597B-494C-897B-729CFF69F3C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16144_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1835F7B-0F37-44B8-8603-244AF10CD240\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16144:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A9185F1-07C8-4895-9B28-EEAAD4BB647C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16184_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8630249A-D731-4A65-B451-C88D9F6FC8A0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16184:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB9DFFB1-DFAA-47DC-9923-A597D4D125A9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16204_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42F2988F-85F1-4EEE-B51D-C1A9E8E39770\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84FC138F-AC25-4EEA-A453-9AA1DB888987\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen162244_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F6DAB6B-3684-434A-8B0A-98EEA809650A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen162244:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98593D4B-8ECB-4DE6-A2BE-A01561ED9C03\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16284_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B5774A9-D947-4E16-B2D3-D70A520D49C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16284:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B723B8DD-EE23-412F-A07A-D6710183040B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16304_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17479F4F-054A-49FA-A324-0C22981BEA92\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16304:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"957CA4C7-EDA9-42F0-A1CA-7EC6AEEB62C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16384_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CFEC523-9C5F-4806-9F94-C6532D7ADB7E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16384:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF144F90-5FAA-474C-B5D4-D3D1A8EACDB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen32104_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA0FA70E-EBDA-4CE9-8D52-B4133F95C5D8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen32104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6E56E5-EF38-45E6-BF91-8A3DFC3897B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen321124_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD513E4D-F967-445B-81B1-AF64B13D29D8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen321124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8661439E-52B8-4DEA-82F4-24DBE9AE2414\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen32204_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"730387CA-2FCA-41E3-B935-55A191D7BBDF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen32204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA75DE24-A397-4070-96BB-917011175C8A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen32284_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87914E04-C149-40D9-86F5-35CAEB44D0B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen32284:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5EBB66-3926-4D00-ADF6-89F1D159E6D4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen322164_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98BEFC04-4FE6-4B73-9E0A-16353929D341\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen322164:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E962C93-70CB-44C5-B385-905A0B362854\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen32304_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E518ECF-DB50-4E02-AFE7-24B0ABBFE7AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen32304:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53B4E62B-C35B-4359-A1F6-4DAD5665A3A0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen32384_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84721AB9-5EA4-4CE2-91D3-D88FF299E90C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen32384:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5788B94-52EF-482D-969F-B207D34A216D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen323164_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCEBA529-0FC7-4C18-9235-0F73D36AB655\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen323164:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD29B9C-E3A2-46C2-90D1-A86944685FA3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen64204_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA0E733-9EAD-4650-91AE-5319010F364A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen64204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D08912B-4BA0-44CF-A75D-361A5CB74C78\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen64304_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C978C27A-517B-4D29-A254-7EDA96BE84EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen64304:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AD72AD2-312F-417A-98F6-B9C6923540D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen643164_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6561F82-8001-4D1C-B714-973500D1B9BA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen643164:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"060580DA-5DB4-406D-89A5-2D97FB6B7194\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen643324_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8E8AB7-0122-4EDD-A21A-47ABCFF67062\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen643324:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59FB72C1-861C-4797-8DFC-2AC7D8D3C4C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen643484_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49122A86-9B85-45F3-B172-D49D66B70A1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen643484:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA889940-B338-4C47-9ECC-84CBF964CC5A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen04103_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A8BA020-0FD1-4624-9840-F9211EA1E779\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen04103:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2920BB5-7462-4A00-83A3-C5EAD7E7EB92\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen04113_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6140AA-2729-4EEA-BE1D-EB5AAE8117FE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen04113:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE57F1E-0ECA-44CE-A788-A47261F16523\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen04123_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6BC4E54-B52B-4AEF-B73C-7A920CC00E3A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen04123:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"764C5F20-3E34-4C59-8155-0D676B5DD78D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08103_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5211B18-1099-4289-87CD-4338B6B70C71\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08103:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C49A809-510A-4442-8D3E-616E260F631F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08113_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76949C3F-D9C7-4062-855D-EDC21922389A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08113:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7BC668B-2A49-46CE-9A89-9463A803F54B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08123_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A957ADC3-F3CA-4F36-8010-3A736F31E862\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08123:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFA6BE5-1A74-43AA-ABCB-BD065017B9EF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08143_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16B5AE28-AC79-4452-8671-38DC1FE1EF50\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08143:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5916E3A2-8D0C-443C-8A89-EE8F78922448\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16103_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7394E4E3-9DC4-485F-B3C9-6F6D077BE36D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16103:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1D39F92-F428-45EA-98E1-6D5267F738E9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16123_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"107B7B0B-7A41-47A2-B2CA-097D48A20F1A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16123:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41196895-7ECD-40E4-BF6E-D635D71B6ADD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16143_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E55BB1-DE11-49A6-86BD-4DD3ECD3E695\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16143:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC46C1D7-4D11-4B12-8AFF-B76ECFA684B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16163_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"115CD99D-0AB4-473D-BAB8-DE75F6243E96\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16163:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B87ACF5-EAAA-40D8-AAEB-75528A7116D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen04103l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E583112F-739A-4480-93F8-4FBF77064FEF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen04103l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E289303-53EF-43A1-AA6E-BE9A9D41923F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen08103l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59A57E78-9BBD-4990-8506-DD9806EDEF0D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen08103l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70952C0D-00A4-49D8-8D58-BD6B25EE6819\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen16103l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81C7AE02-CA84-46A8-B049-70C65451F881\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen16103l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2180D732-89FF-44AE-AFD5-3127DC68EC2F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:hen32103l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B650B4C8-D307-4354-8936-33D3B1F890C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:hen32103l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00386EE7-3418-4A26-9D76-6BD7884C7057\"}]}]}],\"references\":[{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-260-03\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-260-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
厂商已发布了漏洞修复程序,请及时关注更新: https://www.honeywell.com
| Name | ['Honeywell Performance IP Series cameras HBD3PR2', 'Honeywell Performance IP Series cameras H4D3PRV3', 'Honeywell Performance IP Series cameras HED3PR3', 'Honeywell Performance IP Series cameras H4D3PRV2', 'Honeywell Performance IP Series cameras HBD3PR1', 'Honeywell Performance IP Series cameras H4W8PR2', 'Honeywell Performance IP Series cameras HBW8PR2', 'Honeywell Performance IP Series cameras H2W2PC1M', 'Honeywell Performance IP Series cameras H2W4PER3', 'Honeywell Performance IP Series cameras H2W2PER3', 'Honeywell Performance IP Series cameras HEW2PER3', 'Honeywell Performance IP Series cameras HEW4PER3B', 'Honeywell Performance IP Series cameras HBW2PER1', 'Honeywell Performance IP Series cameras HEW4PER2', 'Honeywell Performance IP Series cameras HEW4PER2B', 'Honeywell Performance IP Series cameras HEW2PER2', 'Honeywell Performance IP Series cameras H4W2PER2', 'Honeywell Performance IP Series cameras HBW2PER2', 'Honeywell Performance IP Series cameras H4W2PER3', 'Honeywell Performance IP Series cameras HPW2P1', 'Honeywell Performance Series NVRs HEN08104', 'Honeywell Performance Series NVRs HEN08144', 'Honeywell Performance Series NVRs HEN081124', 'Honeywell Performance Series NVRs HEN16104', 'Honeywell Performance Series NVRs HEN16144', 'Honeywell Performance Series NVRs HEN16184', 'Honeywell Performance Series NVRs HEN16204', 'Honeywell Performance Series NVRs HEN162244', 'Honeywell Performance Series NVRs HEN16284', 'Honeywell Performance Series NVRs HEN16304', 'Honeywell Performance Series NVRs HEN16384', 'Honeywell Performance Series NVRs HEN32104', 'Honeywell Performance Series NVRs HEN321124', 'Honeywell Performance Series NVRs HEN32204', 'Honeywell Performance Series NVRs HEN32284', 'Honeywell Performance Series NVRs HEN322164', 'Honeywell Performance Series NVRs HEN32304', 'Honeywell Performance Series NVRs HEN32384', 'Honeywell Performance Series NVRs HEN323164', 'Honeywell Performance Series NVRs HEN64204', 'Honeywell Performance Series NVRs HEN64304', 'Honeywell Performance Series NVRs HEN643'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-13523"
}
},
"description": "Honeywell Performance HBD3PR2\u7b49\u90fd\u662f\u7f8e\u56fd\u970d\u5c3c\u97e6\u5c14\uff08Honeywell\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Honeywell Performance HBD3PR2\u662f\u4e00\u6b3eIP\u6444\u50cf\u673a\u3002Honeywell Performance H4D3PRV3\u662f\u4e00\u6b3eIP\u6444\u50cf\u673a\u3002Honeywell Performance HEN08104\u662f\u4e00\u6b3e\u7f51\u7edc\u89c6\u9891\u5f55\u50cf\u673a\uff08NVR\uff09\u8bbe\u5907\u3002\n\n\u591a\u6b3eHoneywell\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u67e5\u770b\u8bbe\u5907\u914d\u7f6e\u4fe1\u606f\u3002",
"discovererName": "Ismail Bulbil",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.honeywell.com",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-31998",
"openTime": "2019-09-19",
"patchDescription": "Honeywell Performance HBD3PR2\u7b49\u90fd\u662f\u7f8e\u56fd\u970d\u5c3c\u97e6\u5c14\uff08Honeywell\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Honeywell Performance HBD3PR2\u662f\u4e00\u6b3eIP\u6444\u50cf\u673a\u3002Honeywell Performance H4D3PRV3\u662f\u4e00\u6b3eIP\u6444\u50cf\u673a\u3002Honeywell Performance HEN08104\u662f\u4e00\u6b3e\u7f51\u7edc\u89c6\u9891\u5f55\u50cf\u673a\uff08NVR\uff09\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3eHoneywell\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u67e5\u770b\u8bbe\u5907\u914d\u7f6e\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eHoneywell\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Honeywell Performance IP Series cameras HBD3PR2",
"Honeywell Performance IP Series cameras H4D3PRV3",
"Honeywell Performance IP Series cameras HED3PR3",
"Honeywell Performance IP Series cameras H4D3PRV2",
"Honeywell Performance IP Series cameras HBD3PR1",
"Honeywell Performance IP Series cameras H4W8PR2",
"Honeywell Performance IP Series cameras HBW8PR2",
"Honeywell Performance IP Series cameras H2W2PC1M",
"Honeywell Performance IP Series cameras H2W4PER3",
"Honeywell Performance IP Series cameras H2W2PER3",
"Honeywell Performance IP Series cameras HEW2PER3",
"Honeywell Performance IP Series cameras HEW4PER3B",
"Honeywell Performance IP Series cameras HBW2PER1",
"Honeywell Performance IP Series cameras HEW4PER2",
"Honeywell Performance IP Series cameras HEW4PER2B",
"Honeywell Performance IP Series cameras HEW2PER2",
"Honeywell Performance IP Series cameras H4W2PER2",
"Honeywell Performance IP Series cameras HBW2PER2",
"Honeywell Performance IP Series cameras H4W2PER3",
"Honeywell Performance IP Series cameras HPW2P1",
"Honeywell Performance Series NVRs HEN08104",
"Honeywell Performance Series NVRs HEN08144",
"Honeywell Performance Series NVRs HEN081124",
"Honeywell Performance Series NVRs HEN16104",
"Honeywell Performance Series NVRs HEN16144",
"Honeywell Performance Series NVRs HEN16184",
"Honeywell Performance Series NVRs HEN16204",
"Honeywell Performance Series NVRs HEN162244",
"Honeywell Performance Series NVRs HEN16284",
"Honeywell Performance Series NVRs HEN16304",
"Honeywell Performance Series NVRs HEN16384",
"Honeywell Performance Series NVRs HEN32104",
"Honeywell Performance Series NVRs HEN321124",
"Honeywell Performance Series NVRs HEN32204",
"Honeywell Performance Series NVRs HEN32284",
"Honeywell Performance Series NVRs HEN322164",
"Honeywell Performance Series NVRs HEN32304",
"Honeywell Performance Series NVRs HEN32384",
"Honeywell Performance Series NVRs HEN323164",
"Honeywell Performance Series NVRs HEN64204",
"Honeywell Performance Series NVRs HEN64304",
"Honeywell Performance Series NVRs HEN643"
]
},
"referenceLink": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03",
"serverity": "\u4e2d",
"submitTime": "2019-09-19",
"title": "\u591a\u6b3eHoneywell\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
FKIE_CVE-2019-13523
Vulnerability from fkie_nvd - Published: 2019-09-26 16:15 - Updated: 2026-06-17 02:16| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-260-03 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-260-03 | Mitigation, Third Party Advisory, US Government Resource |
{
"affected": [
{
"affectedData": [
{
"product": "Performance IP Cameras",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "HBD3PR2"
},
{
"status": "affected",
"version": "H4D3PRV3"
},
{
"status": "affected",
"version": "HED3PR3"
},
{
"status": "affected",
"version": "H4D3PRV2"
},
{
"status": "affected",
"version": "HBD3PR1"
},
{
"status": "affected",
"version": "H4W8PR2"
},
{
"status": "affected",
"version": "HBW8PR2"
},
{
"status": "affected",
"version": "H2W2PC1M"
},
{
"status": "affected",
"version": "H2W4PER3"
},
{
"status": "affected",
"version": "H2W2PER3"
},
{
"status": "affected",
"version": "HEW2PER3"
},
{
"status": "affected",
"version": "HEW4PER3B"
},
{
"status": "affected",
"version": "HBW2PER1"
},
{
"status": "affected",
"version": "HEW4PER2"
},
{
"status": "affected",
"version": "HEW4PER2B"
},
{
"status": "affected",
"version": "HEW2PER2"
},
{
"status": "affected",
"version": "H4W2PER2"
},
{
"status": "affected",
"version": "HBW2PER2"
},
{
"status": "affected",
"version": "H4W2PER3"
},
{
"status": "affected",
"version": "HPW2P1"
}
]
},
{
"product": "Performance NVRs",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "HEN08104"
},
{
"status": "affected",
"version": "HEN08144"
},
{
"status": "affected",
"version": "HEN081124"
},
{
"status": "affected",
"version": "HEN16104"
},
{
"status": "affected",
"version": "HEN16144"
},
{
"status": "affected",
"version": "HEN16184"
},
{
"status": "affected",
"version": "HEN16204"
},
{
"status": "affected",
"version": "HEN162244"
},
{
"status": "affected",
"version": "HEN16284"
},
{
"status": "affected",
"version": "HEN16304"
},
{
"status": "affected",
"version": "HEN16384"
},
{
"status": "affected",
"version": "HEN32104"
},
{
"status": "affected",
"version": "HEN321124"
},
{
"status": "affected",
"version": "HEN32204"
},
{
"status": "affected",
"version": "HEN32284"
},
{
"status": "affected",
"version": "HEN322164"
},
{
"status": "affected",
"version": "HEN32304"
},
{
"status": "affected",
"version": "HEN32384"
},
{
"status": "affected",
"version": "HEN323164"
},
{
"status": "affected",
"version": "HEN64204"
},
{
"status": "affected",
"version": "HEN64304"
},
{
"status": "affected",
"version": "HEN643164"
},
{
"status": "affected",
"version": "HEN643324"
},
{
"status": "affected",
"version": "HEN643484"
},
{
"status": "affected",
"version": "HEN04103"
},
{
"status": "affected",
"version": "HEN04113"
},
{
"status": "affected",
"version": "HEN04123"
},
{
"status": "affected",
"version": "HEN08103"
},
{
"status": "affected",
"version": "HEN08113"
},
{
"status": "affected",
"version": "HEN08123"
},
{
"status": "affected",
"version": "HEN08143"
},
{
"status": "affected",
"version": "HEN16103"
},
{
"status": "affected",
"version": "HEN16123"
},
{
"status": "affected",
"version": "HEN16143"
},
{
"status": "affected",
"version": "HEN16163"
},
{
"status": "affected",
"version": "HEN04103L"
},
{
"status": "affected",
"version": "HEN08103L"
},
{
"status": "affected",
"version": "HEN16103L"
},
{
"status": "affected",
"version": "HEN32103L"
}
]
}
],
"source": "ics-cert@hq.dhs.gov"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hbd3pr2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C97AF8-8107-438F-A0FE-6509BC285379",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hbd3pr2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "063ECCED-CF22-499F-BAAA-877F0CD1C258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h4d3prv3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E69A7E-D62E-4FCA-95D0-B49BB650A09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h4d3prv3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2810325F-B33A-4F6F-95BA-F9AE23B4D59D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hed3pr3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D04BCCE7-1CA7-4748-B1D0-BDBAAB0FEBAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hed3pr3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83643D38-2A04-4955-B02C-C822C040FB87",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h4d3prv2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3347B19D-5888-4F76-BEB3-520D9B632D55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h4d3prv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C861316-46BC-4E9C-8452-0E130B3336D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hbd3pr1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B53790-A650-4B69-A91E-722CC736AC00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hbd3pr1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39D05A2D-CE87-462D-B55E-BA27EE3B78F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B7E0C1-B599-47CA-8D71-E5A0C5AAFE1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "717A6F11-8EA5-4F9A-9F78-8E51FBFB73A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB898789-B3E5-49BB-91B8-10AA0D2056CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "687F3108-76C3-4F22-8321-59A849017886",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94A1FD71-3A35-4175-9C80-8965F3A59D9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1EF7CE-9FA3-45DA-9047-052E27E16965",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD65833-D4DA-42D4-904A-0CC96E53E7D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF4F78E-E768-4D54-A9A1-2C24FC49CB08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA4E13F-70AA-46BB-BF1D-B3797D3BD302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF28324-68A7-4862-A881-1187A68CA97E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "996AF0FE-AF0E-479F-8301-E55C42EE3E6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D344FD-0DED-4017-B339-CA3BE5E201C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9032E95-1D90-497A-A0F1-A5A3221FDF7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF24084-97F9-4645-9C75-824217FCE8B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88C5B464-E5DD-4095-98F4-8695F7722C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CA4A19-03EC-4142-B847-0EC8C14AC9D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hew4per2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C92A07-047E-4AFF-BA53-6EDD81407F7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hew4per2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B97E873-CB5C-46FB-A91A-A67C4DDE03C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC835EA6-56F0-4C62-9799-D8A9C661271B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9106C1-B426-497F-835E-F0CF53139573",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC032CC-68BE-4003-969E-A2AC07835D82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6285BB52-C08F-4CBB-A03B-385B980A3420",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B10341D2-EF85-4067-A470-A263773DB8F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACBD1C35-BC9F-471B-AFE9-56F2C0D31251",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27BBC2DE-1191-43D8-8898-AE832157D689",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F272578E-2BF9-4827-8838-BF2441F7CD9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47754C91-13A3-4096-A9D5-5F1C8BB996F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD7DF8D-F530-4C08-8ADB-16A30A411DB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D70E51AC-7B3C-4FD3-BBDF-7F42ACD86B48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "414E3927-B8A6-4E57-972A-27DA0163167E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08104_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093252D9-1A3E-4B76-8F65-0FEE05615DC1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF66A77-A007-4632-82BB-2E429EF2AA27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08144_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61349DE2-23AB-45B4-BCB2-D1333E43E42B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08144:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AC3DBF-7DC5-4598-89F8-6E1C9152FB7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen081124_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A477EBB3-A237-4A9D-9BD2-9A4BA35B5543",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen081124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF53058-BA72-43EB-A11E-A274B9FF7EC3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16104_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EFA83DD-986C-428F-A640-05B576A38FBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E37E41A6-597B-494C-897B-729CFF69F3C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16144_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1835F7B-0F37-44B8-8603-244AF10CD240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16144:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9185F1-07C8-4895-9B28-EEAAD4BB647C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16184_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8630249A-D731-4A65-B451-C88D9F6FC8A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16184:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9DFFB1-DFAA-47DC-9923-A597D4D125A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16204_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42F2988F-85F1-4EEE-B51D-C1A9E8E39770",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84FC138F-AC25-4EEA-A453-9AA1DB888987",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen162244_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6DAB6B-3684-434A-8B0A-98EEA809650A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen162244:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98593D4B-8ECB-4DE6-A2BE-A01561ED9C03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16284_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B5774A9-D947-4E16-B2D3-D70A520D49C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16284:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B723B8DD-EE23-412F-A07A-D6710183040B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16304_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17479F4F-054A-49FA-A324-0C22981BEA92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16304:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957CA4C7-EDA9-42F0-A1CA-7EC6AEEB62C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16384_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFEC523-9C5F-4806-9F94-C6532D7ADB7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16384:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF144F90-5FAA-474C-B5D4-D3D1A8EACDB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen32104_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0FA70E-EBDA-4CE9-8D52-B4133F95C5D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen32104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6E56E5-EF38-45E6-BF91-8A3DFC3897B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen321124_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD513E4D-F967-445B-81B1-AF64B13D29D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen321124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8661439E-52B8-4DEA-82F4-24DBE9AE2414",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen32204_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "730387CA-2FCA-41E3-B935-55A191D7BBDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen32204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA75DE24-A397-4070-96BB-917011175C8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen32284_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87914E04-C149-40D9-86F5-35CAEB44D0B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen32284:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5EBB66-3926-4D00-ADF6-89F1D159E6D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen322164_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98BEFC04-4FE6-4B73-9E0A-16353929D341",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen322164:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E962C93-70CB-44C5-B385-905A0B362854",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen32304_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E518ECF-DB50-4E02-AFE7-24B0ABBFE7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen32304:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53B4E62B-C35B-4359-A1F6-4DAD5665A3A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen32384_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84721AB9-5EA4-4CE2-91D3-D88FF299E90C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen32384:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5788B94-52EF-482D-969F-B207D34A216D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen323164_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEBA529-0FC7-4C18-9235-0F73D36AB655",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen323164:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD29B9C-E3A2-46C2-90D1-A86944685FA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen64204_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA0E733-9EAD-4650-91AE-5319010F364A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen64204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D08912B-4BA0-44CF-A75D-361A5CB74C78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen64304_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C978C27A-517B-4D29-A254-7EDA96BE84EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen64304:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD72AD2-312F-417A-98F6-B9C6923540D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen643164_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6561F82-8001-4D1C-B714-973500D1B9BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen643164:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060580DA-5DB4-406D-89A5-2D97FB6B7194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen643324_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8E8AB7-0122-4EDD-A21A-47ABCFF67062",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen643324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59FB72C1-861C-4797-8DFC-2AC7D8D3C4C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen643484_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49122A86-9B85-45F3-B172-D49D66B70A1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen643484:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA889940-B338-4C47-9ECC-84CBF964CC5A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen04103_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A8BA020-0FD1-4624-9840-F9211EA1E779",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen04103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2920BB5-7462-4A00-83A3-C5EAD7E7EB92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen04113_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D6140AA-2729-4EEA-BE1D-EB5AAE8117FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen04113:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE57F1E-0ECA-44CE-A788-A47261F16523",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen04123_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BC4E54-B52B-4AEF-B73C-7A920CC00E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen04123:-:*:*:*:*:*:*:*",
"matchCriteriaId": "764C5F20-3E34-4C59-8155-0D676B5DD78D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08103_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5211B18-1099-4289-87CD-4338B6B70C71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C49A809-510A-4442-8D3E-616E260F631F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08113_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76949C3F-D9C7-4062-855D-EDC21922389A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08113:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BC668B-2A49-46CE-9A89-9463A803F54B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08123_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A957ADC3-F3CA-4F36-8010-3A736F31E862",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08123:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFA6BE5-1A74-43AA-ABCB-BD065017B9EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08143_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16B5AE28-AC79-4452-8671-38DC1FE1EF50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08143:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5916E3A2-8D0C-443C-8A89-EE8F78922448",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16103_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7394E4E3-9DC4-485F-B3C9-6F6D077BE36D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D39F92-F428-45EA-98E1-6D5267F738E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16123_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "107B7B0B-7A41-47A2-B2CA-097D48A20F1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16123:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41196895-7ECD-40E4-BF6E-D635D71B6ADD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16143_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48E55BB1-DE11-49A6-86BD-4DD3ECD3E695",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16143:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46C1D7-4D11-4B12-8AFF-B76ECFA684B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16163_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "115CD99D-0AB4-473D-BAB8-DE75F6243E96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B87ACF5-EAAA-40D8-AAEB-75528A7116D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen04103l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E583112F-739A-4480-93F8-4FBF77064FEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen04103l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E289303-53EF-43A1-AA6E-BE9A9D41923F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen08103l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59A57E78-9BBD-4990-8506-DD9806EDEF0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen08103l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70952C0D-00A4-49D8-8D58-BD6B25EE6819",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen16103l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81C7AE02-CA84-46A8-B049-70C65451F881",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen16103l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2180D732-89FF-44AE-AFD5-3127DC68EC2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:honeywell:hen32103l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B650B4C8-D307-4354-8936-33D3B1F890C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:honeywell:hen32103l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00386EE7-3418-4A26-9D76-6BD7884C7057",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L."
},
{
"lang": "es",
"value": "En las c\u00e1maras IP y NVRs Honeywell Performance, el servidor web integrado de los dispositivos afectados podr\u00eda permitir a atacantes remotos obtener datos de configuraci\u00f3n web en formato JSON para c\u00e1maras IP y NVR (Network Video Recorders), que pueden ser accedidos sin autenticaci\u00f3n a trav\u00e9s de la red. C\u00e1maras IP Performance afectadas: HBD3PR2, H4D3PRV3, HED3PR3, H4D3PRV2, HBD3PR1, H4W8PR2, HBW8PR2, H2W2PC1M, H2W4PER3, H2W2PER3, HEW2PER3, HEW4PER3B, HBW2PER1, HEW4PER2, HEW4PER2B, HEW2PER2, H4W2PER2, HBW2PER2, H4W2PER3, y HPW2P1. NVRs Serie Performance afectados: HEN08104, HEN08144, HEN081124, HEN16104, HEN16144, HEN16184, HEN16204, HEN162244, HEN16284, HEN16304, HEN16384, HEN32104, HEN321124, HEN32204, HEN32284, HEN322164, HEN32304, HEN32384, HEN323164, HEN64204, HEN64304, HEN643164, HEN643324, HEN643484, HEN04103, HEN04113, HEN04123, HEN08103, HEN08113, HEN08123, HEN08143, HEN16103, HEN16123, HEN16143, HEN16163, HEN04103L, HEN08103L, HEN16103L, HEN32103L."
}
],
"id": "CVE-2019-13523",
"lastModified": "2026-06-17T02:16:54.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-26T16:15:11.067",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-6J5F-PM23-XCWQ
Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2024-04-04 02:00In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.
{
"affected": [],
"aliases": [
"CVE-2019-13523"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-26T16:15:00Z",
"severity": "MODERATE"
},
"details": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.",
"id": "GHSA-6j5f-pm23-xcwq",
"modified": "2024-04-04T02:00:42Z",
"published": "2022-05-24T16:56:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13523"
},
{
"type": "WEB",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2019-13523
Vulnerability from gsd - Updated: 2023-12-13 01:23{
"GSD": {
"alias": "CVE-2019-13523",
"description": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.",
"id": "GSD-2019-13523"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-13523"
],
"details": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.",
"id": "GSD-2019-13523",
"modified": "2023-12-13T01:23:41.067689Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Performance IP Cameras",
"version": {
"version_data": [
{
"version_value": "HBD3PR2"
},
{
"version_value": "H4D3PRV3"
},
{
"version_value": "HED3PR3"
},
{
"version_value": "H4D3PRV2"
},
{
"version_value": "HBD3PR1"
},
{
"version_value": "H4W8PR2"
},
{
"version_value": "HBW8PR2"
},
{
"version_value": "H2W2PC1M"
},
{
"version_value": "H2W4PER3"
},
{
"version_value": "H2W2PER3"
},
{
"version_value": "HEW2PER3"
},
{
"version_value": "HEW4PER3B"
},
{
"version_value": "HBW2PER1"
},
{
"version_value": "HEW4PER2"
},
{
"version_value": "HEW4PER2B"
},
{
"version_value": "HEW2PER2"
},
{
"version_value": "H4W2PER2"
},
{
"version_value": "HBW2PER2"
},
{
"version_value": "H4W2PER3"
},
{
"version_value": "HPW2P1"
}
]
}
},
{
"product_name": "Performance NVRs",
"version": {
"version_data": [
{
"version_value": "HEN08104"
},
{
"version_value": "HEN08144"
},
{
"version_value": "HEN081124"
},
{
"version_value": "HEN16104"
},
{
"version_value": "HEN16144"
},
{
"version_value": "HEN16184"
},
{
"version_value": "HEN16204"
},
{
"version_value": "HEN162244"
},
{
"version_value": "HEN16284"
},
{
"version_value": "HEN16304"
},
{
"version_value": "HEN16384"
},
{
"version_value": "HEN32104"
},
{
"version_value": "HEN321124"
},
{
"version_value": "HEN32204"
},
{
"version_value": "HEN32284"
},
{
"version_value": "HEN322164"
},
{
"version_value": "HEN32304"
},
{
"version_value": "HEN32384"
},
{
"version_value": "HEN323164"
},
{
"version_value": "HEN64204"
},
{
"version_value": "HEN64304"
},
{
"version_value": "HEN643164"
},
{
"version_value": "HEN643324"
},
{
"version_value": "HEN643484"
},
{
"version_value": "HEN04103"
},
{
"version_value": "HEN04113"
},
{
"version_value": "HEN04123"
},
{
"version_value": "HEN08103"
},
{
"version_value": "HEN08113"
},
{
"version_value": "HEN08123"
},
{
"version_value": "HEN08143"
},
{
"version_value": "HEN16103"
},
{
"version_value": "HEN16123"
},
{
"version_value": "HEN16143"
},
{
"version_value": "HEN16163"
},
{
"version_value": "HEN04103L"
},
{
"version_value": "HEN08103L"
},
{
"version_value": "HEN16103L"
},
{
"version_value": "HEN32103L"
}
]
}
}
]
},
"vendor_name": "Honeywell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INFORMATION EXPOSURE CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hbd3pr2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hbd3pr2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h4d3prv3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h4d3prv3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hed3pr3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hed3pr3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h4d3prv2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h4d3prv2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hbd3pr1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hbd3pr1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hew4per2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hew4per2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08104_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08104:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08144_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08144:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen081124_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen081124:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16104_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16104:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16144_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16144:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16184_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16184:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16204_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16204:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen162244_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen162244:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16284_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16284:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16304_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16304:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16384_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16384:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen32104_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen32104:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen321124_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen321124:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen32204_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen32204:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen32284_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen32284:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen322164_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen322164:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen32304_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen32304:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen32384_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen32384:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen323164_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen323164:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen64204_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen64204:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen64304_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen64304:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen643164_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen643164:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen643324_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen643324:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen643484_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen643484:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen04103_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen04103:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen04113_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen04113:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen04123_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen04123:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08103_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08103:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08113_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08113:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08123_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08123:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08143_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08143:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16103_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16103:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16123_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16123:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16143_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16143:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16163_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16163:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen04103l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen04103l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen08103l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen08103l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen16103l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen16103l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:honeywell:hen32103l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:honeywell:hen32103l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13523"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03",
"refsource": "MISC",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2021-10-28T15:09Z",
"publishedDate": "2019-09-26T16:15Z"
}
}
}
ICSA-19-260-03
Vulnerability from csaf_cisa - Published: 2019-09-17 00:00 - Updated: 2019-09-17 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Performance IP Series cameras: HEW4PER2B
Honeywell / Performance IP Series cameras
|
HEW4PER2B |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN32204
Honeywell / Performance Series NVRs
|
HEN32204 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H4W2PER2
Honeywell / Performance IP Series cameras
|
H4W2PER2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H2W2PC1M
Honeywell / Performance IP Series cameras
|
H2W2PC1M |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN321124
Honeywell / Performance Series NVRs
|
HEN321124 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HBW2PER2
Honeywell / Performance IP Series cameras
|
HBW2PER2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN643164
Honeywell / Performance Series NVRs
|
HEN643164 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN04113
Honeywell / Performance Series NVRs
|
HEN04113 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN64304
Honeywell / Performance Series NVRs
|
HEN64304 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HBW2PER1
Honeywell / Performance IP Series cameras
|
HBW2PER1 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H4W2PER3
Honeywell / Performance IP Series cameras
|
H4W2PER3 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08144
Honeywell / Performance Series NVRs
|
HEN08144 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HED3PR3
Honeywell / Performance IP Series cameras
|
HED3PR3 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16384
Honeywell / Performance Series NVRs
|
HEN16384 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN32104
Honeywell / Performance Series NVRs
|
HEN32104 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN32284
Honeywell / Performance Series NVRs
|
HEN32284 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN04103L
Honeywell / Performance Series NVRs
|
HEN04103L |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16304
Honeywell / Performance Series NVRs
|
HEN16304 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H4D3PRV3
Honeywell / Performance IP Series cameras
|
H4D3PRV3 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16284
Honeywell / Performance Series NVRs
|
HEN16284 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN643484
Honeywell / Performance Series NVRs
|
HEN643484 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN64204
Honeywell / Performance Series NVRs
|
HEN64204 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08103
Honeywell / Performance Series NVRs
|
HEN08103 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN643324
Honeywell / Performance Series NVRs
|
HEN643324 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN32103L
Honeywell / Performance Series NVRs
|
HEN32103L |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN32384
Honeywell / Performance Series NVRs
|
HEN32384 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEW4PER2
Honeywell / Performance IP Series cameras
|
HEW4PER2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16143
Honeywell / Performance Series NVRs
|
HEN16143 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN162244
Honeywell / Performance Series NVRs
|
HEN162244 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEW2PER3
Honeywell / Performance IP Series cameras
|
HEW2PER3 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H4W8PR2
Honeywell / Performance IP Series cameras
|
H4W8PR2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16144
Honeywell / Performance Series NVRs
|
HEN16144 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16204
Honeywell / Performance Series NVRs
|
HEN16204 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN04123
Honeywell / Performance Series NVRs
|
HEN04123 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HBD3PR1
Honeywell / Performance IP Series cameras
|
HBD3PR1 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HBD3PR2
Honeywell / Performance IP Series cameras
|
HBD3PR2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H2W4PER3
Honeywell / Performance IP Series cameras
|
H2W4PER3 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEW4PER3B
Honeywell / Performance IP Series cameras
|
HEW4PER3B |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H4D3PRV2
Honeywell / Performance IP Series cameras
|
H4D3PRV2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN323164
Honeywell / Performance Series NVRs
|
HEN323164 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN322164
Honeywell / Performance Series NVRs
|
HEN322164 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: H2W2PER3
Honeywell / Performance IP Series cameras
|
H2W2PER3 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HPW2P1
Honeywell / Performance IP Series cameras
|
HPW2P1 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16123
Honeywell / Performance Series NVRs
|
HEN16123 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08113
Honeywell / Performance Series NVRs
|
HEN08113 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16103L
Honeywell / Performance Series NVRs
|
HEN16103L |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16103
Honeywell / Performance Series NVRs
|
HEN16103 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16184
Honeywell / Performance Series NVRs
|
HEN16184 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN081124
Honeywell / Performance Series NVRs
|
HEN081124 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HBW8PR2
Honeywell / Performance IP Series cameras
|
HBW8PR2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN32304
Honeywell / Performance Series NVRs
|
HEN32304 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16163
Honeywell / Performance Series NVRs
|
HEN16163 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN04103
Honeywell / Performance Series NVRs
|
HEN04103 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08103L
Honeywell / Performance Series NVRs
|
HEN08103L |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08123
Honeywell / Performance Series NVRs
|
HEN08123 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08104
Honeywell / Performance Series NVRs
|
HEN08104 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN08143
Honeywell / Performance Series NVRs
|
HEN08143 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEW2PER2
Honeywell / Performance IP Series cameras
|
HEW2PER2 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
|
|
Performance IP Series cameras: HEN16104
Honeywell / Performance Series NVRs
|
HEN16104 |
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
fix
|
{
"document": {
"acknowledgments": [
{
"names": [
"Ismail Bulbil"
],
"summary": "reporting this vulnerability to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could allow an attacker to view device configuration information.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Critical Manufacturing, Energy, Healthcare and Public Health",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "United States",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-260-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-260-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-260-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-260-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Honeywell Performance IP Cameras and Performance NVRs",
"tracking": {
"current_release_date": "2019-09-17T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-260-03",
"initial_release_date": "2019-09-17T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-09-17T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-260-03 Honeywell Performance IP Cameras and Performance NVRs"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "HEW4PER2B",
"product": {
"name": "Performance IP Series cameras: HEW4PER2B",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN32204",
"product": {
"name": "Performance IP Series cameras: HEN32204",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "H4W2PER2",
"product": {
"name": "Performance IP Series cameras: H4W2PER2",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "H2W2PC1M",
"product": {
"name": "Performance IP Series cameras: H2W2PC1M",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN321124",
"product": {
"name": "Performance IP Series cameras: HEN321124",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HBW2PER2",
"product": {
"name": "Performance IP Series cameras: HBW2PER2",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN643164",
"product": {
"name": "Performance IP Series cameras: HEN643164",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN04113",
"product": {
"name": "Performance IP Series cameras: HEN04113",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN64304",
"product": {
"name": "Performance IP Series cameras: HEN64304",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HBW2PER1",
"product": {
"name": "Performance IP Series cameras: HBW2PER1",
"product_id": "CSAFPID-00010"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "H4W2PER3",
"product": {
"name": "Performance IP Series cameras: H4W2PER3",
"product_id": "CSAFPID-00011"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08144",
"product": {
"name": "Performance IP Series cameras: HEN08144",
"product_id": "CSAFPID-00012"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HED3PR3",
"product": {
"name": "Performance IP Series cameras: HED3PR3",
"product_id": "CSAFPID-00013"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16384",
"product": {
"name": "Performance IP Series cameras: HEN16384",
"product_id": "CSAFPID-00014"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN32104",
"product": {
"name": "Performance IP Series cameras: HEN32104",
"product_id": "CSAFPID-00015"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN32284",
"product": {
"name": "Performance IP Series cameras: HEN32284",
"product_id": "CSAFPID-00016"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN04103L",
"product": {
"name": "Performance IP Series cameras: HEN04103L",
"product_id": "CSAFPID-00017"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16304",
"product": {
"name": "Performance IP Series cameras: HEN16304",
"product_id": "CSAFPID-00018"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "H4D3PRV3",
"product": {
"name": "Performance IP Series cameras: H4D3PRV3",
"product_id": "CSAFPID-00019"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16284",
"product": {
"name": "Performance IP Series cameras: HEN16284",
"product_id": "CSAFPID-00020"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN643484",
"product": {
"name": "Performance IP Series cameras: HEN643484",
"product_id": "CSAFPID-00021"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN64204",
"product": {
"name": "Performance IP Series cameras: HEN64204",
"product_id": "CSAFPID-00022"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08103",
"product": {
"name": "Performance IP Series cameras: HEN08103",
"product_id": "CSAFPID-00023"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN643324",
"product": {
"name": "Performance IP Series cameras: HEN643324",
"product_id": "CSAFPID-00024"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN32103L",
"product": {
"name": "Performance IP Series cameras: HEN32103L",
"product_id": "CSAFPID-00025"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN32384",
"product": {
"name": "Performance IP Series cameras: HEN32384",
"product_id": "CSAFPID-00026"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEW4PER2",
"product": {
"name": "Performance IP Series cameras: HEW4PER2",
"product_id": "CSAFPID-00027"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16143",
"product": {
"name": "Performance IP Series cameras: HEN16143",
"product_id": "CSAFPID-00028"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN162244",
"product": {
"name": "Performance IP Series cameras: HEN162244",
"product_id": "CSAFPID-00029"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEW2PER3",
"product": {
"name": "Performance IP Series cameras: HEW2PER3",
"product_id": "CSAFPID-00030"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "H4W8PR2",
"product": {
"name": "Performance IP Series cameras: H4W8PR2",
"product_id": "CSAFPID-00031"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16144",
"product": {
"name": "Performance IP Series cameras: HEN16144",
"product_id": "CSAFPID-00032"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16204",
"product": {
"name": "Performance IP Series cameras: HEN16204",
"product_id": "CSAFPID-00033"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN04123",
"product": {
"name": "Performance IP Series cameras: HEN04123",
"product_id": "CSAFPID-00034"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HBD3PR1",
"product": {
"name": "Performance IP Series cameras: HBD3PR1",
"product_id": "CSAFPID-00035"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HBD3PR2",
"product": {
"name": "Performance IP Series cameras: HBD3PR2",
"product_id": "CSAFPID-00036"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "H2W4PER3",
"product": {
"name": "Performance IP Series cameras: H2W4PER3",
"product_id": "CSAFPID-00037"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEW4PER3B",
"product": {
"name": "Performance IP Series cameras: HEW4PER3B",
"product_id": "CSAFPID-00038"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "H4D3PRV2",
"product": {
"name": "Performance IP Series cameras: H4D3PRV2",
"product_id": "CSAFPID-00039"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN323164",
"product": {
"name": "Performance IP Series cameras: HEN323164",
"product_id": "CSAFPID-00040"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN322164",
"product": {
"name": "Performance IP Series cameras: HEN322164",
"product_id": "CSAFPID-00041"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "H2W2PER3",
"product": {
"name": "Performance IP Series cameras: H2W2PER3",
"product_id": "CSAFPID-00042"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HPW2P1",
"product": {
"name": "Performance IP Series cameras: HPW2P1",
"product_id": "CSAFPID-00043"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16123",
"product": {
"name": "Performance IP Series cameras: HEN16123",
"product_id": "CSAFPID-00044"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08113",
"product": {
"name": "Performance IP Series cameras: HEN08113",
"product_id": "CSAFPID-00045"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16103L",
"product": {
"name": "Performance IP Series cameras: HEN16103L",
"product_id": "CSAFPID-00046"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16103",
"product": {
"name": "Performance IP Series cameras: HEN16103",
"product_id": "CSAFPID-00047"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16184",
"product": {
"name": "Performance IP Series cameras: HEN16184",
"product_id": "CSAFPID-00048"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN081124",
"product": {
"name": "Performance IP Series cameras: HEN081124",
"product_id": "CSAFPID-00049"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HBW8PR2",
"product": {
"name": "Performance IP Series cameras: HBW8PR2",
"product_id": "CSAFPID-00050"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN32304",
"product": {
"name": "Performance IP Series cameras: HEN32304",
"product_id": "CSAFPID-00051"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16163",
"product": {
"name": "Performance IP Series cameras: HEN16163",
"product_id": "CSAFPID-00052"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN04103",
"product": {
"name": "Performance IP Series cameras: HEN04103",
"product_id": "CSAFPID-00053"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08103L",
"product": {
"name": "Performance IP Series cameras: HEN08103L",
"product_id": "CSAFPID-00054"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08123",
"product": {
"name": "Performance IP Series cameras: HEN08123",
"product_id": "CSAFPID-00055"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08104",
"product": {
"name": "Performance IP Series cameras: HEN08104",
"product_id": "CSAFPID-00056"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN08143",
"product": {
"name": "Performance IP Series cameras: HEN08143",
"product_id": "CSAFPID-00057"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
},
{
"branches": [
{
"category": "product_version",
"name": "HEW2PER2",
"product": {
"name": "Performance IP Series cameras: HEW2PER2",
"product_id": "CSAFPID-00058"
}
}
],
"category": "product_name",
"name": "Performance IP Series cameras"
},
{
"branches": [
{
"category": "product_version",
"name": "HEN16104",
"product": {
"name": "Performance IP Series cameras: HEN16104",
"product_id": "CSAFPID-00059"
}
}
],
"category": "product_name",
"name": "Performance Series NVRs"
}
],
"category": "vendor",
"name": "Honeywell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13523",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "The integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network.CVE-2019-13523 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13523"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Honeywell has released firmware update packages for all affected products. The updates can be obtained with a customer account at the following location (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
],
"url": "https://mywebtech.honeywell.com/Home"
},
{
"category": "mitigation",
"details": "Update firmware of vulnerable devices according to affected devices outlined in this advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
]
},
{
"category": "mitigation",
"details": "Isolate affected systems from the Internet or create additional layers of defense between affected systems and the Internet by placing the affected hardware behind a firewall or into a DMZ.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
]
},
{
"category": "mitigation",
"details": "If remote connections to the network are required, consider using a VPN or other means to ensure secure remote connections into the network where the device is located.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
]
},
{
"category": "mitigation",
"details": "More information on this issue can be found in Honeywell security notification SN 2019-04-30 01 at the following location on the Honeywell site:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
],
"url": "https://www.security.honeywell.com/-/media/Security/Resources/PDF/Product-Warranty/Security-Notification-May-2019-pdf.pdf?la=en-US\u0026hash=15B712A99CD068FF0D8CB494BC96AB46E2122672"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00033",
"CSAFPID-00034",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00045",
"CSAFPID-00046",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00059"
]
}
]
}
]
}
VAR-201909-1516
Vulnerability from variot - Updated: 2024-11-23 22:44In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L. Honeywell Performance HEN08104 is a network video recorder (NVR) device. A variety of Honeywell product information disclosure vulnerabilities that an attacker can use to view device configuration information. are all products of Honeywell (Honeywell) in the United States. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1516",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hen32384",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08103",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen322164",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hed3pr3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16184",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw8pr2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen321124",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew4per3b",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08123",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew2per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hpw2p1",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew2per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w2per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32284",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16163",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32304",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08104",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w8pr2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew4per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen64304",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w4per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen643484",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew4per2b",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32204",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08113",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16284",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w2per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen081124",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16384",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16104",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen162244",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16204",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04123",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16123",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32104",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw2per1",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16103",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen323164",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr1",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen64204",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08143",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2pc1m",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04113",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08144",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16143",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04103",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen643324",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw2per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16304",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen643164",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16144",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2pc1m",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2per3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w4per3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w8pr2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr1",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw8pr2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hed3pr3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbd3pr2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4d3prv3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hed3pr3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4d3prv2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbd3pr1",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4w8pr2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbw8pr2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h2w2pc1m",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h2w4per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h2w2per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew2per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew4per3b",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbw2per1",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew4per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew4per2b",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew2per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4w2per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbw2per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4w2per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hpw2p1",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen08104",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen08144",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen081124",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16104",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16144",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16184",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16204",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen162244",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16284",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16304",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16384",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32104",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen321124",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32204",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32284",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen322164",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32304",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32384",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen323164",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen64204",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen64304",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen643",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbd3pr2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h2w2per3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew2per3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew4per3b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbw2per1",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew4per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew4per2b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew2per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4w2per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbw2per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4w2per3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4d3prv3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hpw2p1",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08104",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08144",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen081124",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16104",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16144",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16184",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16204",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen162244",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16284",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hed3pr3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16304",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16384",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32104",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen321124",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32204",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32284",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen322164",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32304",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32384",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen323164",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4d3prv2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen64204",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen64304",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen643164",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen643324",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen643484",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04103",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04113",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04123",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08103",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08113",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbd3pr1",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08123",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08143",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16103",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16123",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16143",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16163",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4w8pr2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbw8pr2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h2w2pc1m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h2w4per3",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:honeywell:h2w2pc1m_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h2w2per3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h2w4per3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h4d3prv2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h4d3prv3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h4w8pr2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hbd3pr1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hbd3pr2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hbw8pr2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hed3pr3_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
}
]
},
"cve": "CVE-2019-13523",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-13523",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-31998",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-145378",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2019-13523",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-13523",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13523",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-13523",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-31998",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-822",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-145378",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-13523",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L. Honeywell Performance HEN08104 is a network video recorder (NVR) device. A variety of Honeywell product information disclosure vulnerabilities that an attacker can use to view device configuration information. are all products of Honeywell (Honeywell) in the United States. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13523",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-260-03",
"trust": 3.2
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-31998",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.3560",
"trust": 0.6
},
{
"db": "IVD",
"id": "E9BD9395-4886-4E86-AE5D-F3A7C7365E85",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-145378",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-13523",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"id": "VAR-201909-1516",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
}
],
"trust": 1.892063492857143
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
}
]
},
"last_update_date": "2024-11-23T22:44:49.638000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.honeywell.com/"
},
{
"title": "Patches for multiple Honeywell product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/180937"
},
{
"title": "Multiple Honeywell Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98353"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-306",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13523"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13523"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3560/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167179"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-19T00:00:00",
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"date": "2019-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"date": "2019-09-26T00:00:00",
"db": "VULHUB",
"id": "VHN-145378"
},
{
"date": "2019-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"date": "2019-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"date": "2019-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"date": "2019-09-26T16:15:11.067000",
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-145378"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"date": "2019-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"date": "2024-11-21T04:25:04.220000",
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honeywell Performance IP Camera and Performance NVR Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.