VAR-201412-0291
Vulnerability from variot - Updated: 2025-04-12 23:31The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422. The Cisco ISB8320-E High-Definition IP-Only DVR is a Cisco HD DVR. Cisco ISB8320-E High-Definition IP-Only DVR has a security vulnerability that could allow an attacker to exploit this vulnerability to bypass certain security restrictions or to perform unauthorized access on an affected device. This issue is tracked by Cisco Bug ID CSCup85422
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "isb8320-e high-definition ip-only dvr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "isb8320-e high-definition ip-only dvr",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "isb8320-e high-definition ip-only dvr cscup85422",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "isb8320-e ip only dvr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "BID",
"id": "71706"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:isb8320-e_high-definition_ip-only_dvr",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "71706"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8006",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-8006",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-09026",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-75951",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8006",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8006",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-09026",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-370",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-75951",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "VULHUB",
"id": "VHN-75951"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422. The Cisco ISB8320-E High-Definition IP-Only DVR is a Cisco HD DVR. Cisco ISB8320-E High-Definition IP-Only DVR has a security vulnerability that could allow an attacker to exploit this vulnerability to bypass certain security restrictions or to perform unauthorized access on an affected device. \nThis issue is tracked by Cisco Bug ID CSCup85422",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8006"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "BID",
"id": "71706"
},
{
"db": "VULHUB",
"id": "VHN-75951"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8006",
"trust": 3.4
},
{
"db": "BID",
"id": "71706",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-370",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-09026",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-75951",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "VULHUB",
"id": "VHN-75951"
},
{
"db": "BID",
"id": "71706"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"id": "VAR-201412-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "VULHUB",
"id": "VHN-75951"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
}
]
},
"last_update_date": "2025-04-12T23:31:28.920000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco ISB8320-E High-Definition IP-Only DVR Remote Unauthenticated Access Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8006"
},
{
"title": "36780",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36780"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-75951"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-8006"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8006"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8006"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/71706"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "VULHUB",
"id": "VHN-75951"
},
{
"db": "BID",
"id": "71706"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"db": "VULHUB",
"id": "VHN-75951"
},
{
"db": "BID",
"id": "71706"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"date": "2014-12-17T00:00:00",
"db": "VULHUB",
"id": "VHN-75951"
},
{
"date": "2014-12-16T00:00:00",
"db": "BID",
"id": "71706"
},
{
"date": "2014-12-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"date": "2014-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"date": "2014-12-17T00:59:02.330000",
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09026"
},
{
"date": "2014-12-17T00:00:00",
"db": "VULHUB",
"id": "VHN-75951"
},
{
"date": "2014-12-16T00:00:00",
"db": "BID",
"id": "71706"
},
{
"date": "2014-12-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007267"
},
{
"date": "2014-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-370"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-8006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ISB8320-E High-Definition IP-Only DVR of Disaster Recovery Vulnerabilities that bypass authentication in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007267"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-370"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…