VAR-201909-1516
Vulnerability from variot - Updated: 2024-11-23 22:44In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L. Honeywell Performance HEN08104 is a network video recorder (NVR) device. A variety of Honeywell product information disclosure vulnerabilities that an attacker can use to view device configuration information. are all products of Honeywell (Honeywell) in the United States. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1516",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hen32384",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08103",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen322164",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hed3pr3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16184",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw8pr2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen321124",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew4per3b",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08123",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew2per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hpw2p1",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew2per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w2per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32284",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16163",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32304",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08104",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w8pr2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew4per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen64304",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w4per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen643484",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hew4per2b",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32204",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08113",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16284",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2per3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w2per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen081124",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16384",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16104",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen162244",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16204",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04123",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16123",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen32104",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw2per1",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16103",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen323164",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr1",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen64204",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08143",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2pc1m",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04113",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08144",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16143",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen04103",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen08103l",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen643324",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw2per2",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16304",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen643164",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv3",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "hen16144",
"scope": "eq",
"trust": 1.0,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2pc1m",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w2per3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h2w4per3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h4d3prv3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "h4w8pr2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr1",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hbd3pr2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hbw8pr2",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "hed3pr3",
"scope": null,
"trust": 0.8,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbd3pr2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4d3prv3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hed3pr3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4d3prv2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbd3pr1",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4w8pr2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbw8pr2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h2w2pc1m",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h2w4per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h2w2per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew2per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew4per3b",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbw2per1",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew4per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew4per2b",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hew2per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4w2per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hbw2per2",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras h4w2per3",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance ip series cameras hpw2p1",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen08104",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen08144",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen081124",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16104",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16144",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16184",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16204",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen162244",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16284",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16304",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen16384",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32104",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen321124",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32204",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32284",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen322164",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32304",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen32384",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen323164",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen64204",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen64304",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "performance series nvrs hen643",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbd3pr2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h2w2per3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew2per3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew4per3b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbw2per1",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew4per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew4per2b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hew2per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4w2per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbw2per2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4w2per3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4d3prv3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hpw2p1",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08104",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08144",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen081124",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16104",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16144",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16184",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16204",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen162244",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16284",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hed3pr3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16304",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16384",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32104",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen321124",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32204",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32284",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen322164",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32304",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32384",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen323164",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4d3prv2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen64204",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen64304",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen643164",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen643324",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen643484",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04103",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04113",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04123",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08103",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08113",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbd3pr1",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08123",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08143",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16103",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16123",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16143",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16163",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen04103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen08103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen16103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hen32103l",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h4w8pr2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hbw8pr2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h2w2pc1m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "h2w4per3",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:honeywell:h2w2pc1m_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h2w2per3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h2w4per3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h4d3prv2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h4d3prv3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:h4w8pr2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hbd3pr1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hbd3pr2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hbw8pr2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:honeywell:hed3pr3_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
}
]
},
"cve": "CVE-2019-13523",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-13523",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-31998",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-145378",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2019-13523",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-13523",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13523",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-13523",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-31998",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-822",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-145378",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-13523",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L. Honeywell Performance HEN08104 is a network video recorder (NVR) device. A variety of Honeywell product information disclosure vulnerabilities that an attacker can use to view device configuration information. are all products of Honeywell (Honeywell) in the United States. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13523",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-260-03",
"trust": 3.2
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-31998",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.3560",
"trust": 0.6
},
{
"db": "IVD",
"id": "E9BD9395-4886-4E86-AE5D-F3A7C7365E85",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-145378",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-13523",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"id": "VAR-201909-1516",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
}
],
"trust": 1.892063492857143
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
}
]
},
"last_update_date": "2024-11-23T22:44:49.638000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.honeywell.com/"
},
{
"title": "Patches for multiple Honeywell product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/180937"
},
{
"title": "Multiple Honeywell Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98353"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-306",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-260-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13523"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13523"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3560/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167179"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"db": "VULHUB",
"id": "VHN-145378"
},
{
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-19T00:00:00",
"db": "IVD",
"id": "e9bd9395-4886-4e86-ae5d-f3a7c7365e85"
},
{
"date": "2019-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"date": "2019-09-26T00:00:00",
"db": "VULHUB",
"id": "VHN-145378"
},
{
"date": "2019-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"date": "2019-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"date": "2019-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"date": "2019-09-26T16:15:11.067000",
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-31998"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-145378"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13523"
},
{
"date": "2019-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009883"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-822"
},
{
"date": "2024-11-21T04:25:04.220000",
"db": "NVD",
"id": "CVE-2019-13523"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honeywell Performance IP Camera and Performance NVR Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009883"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-822"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…