Podatność CVE-2013-5754


Publikacja: 2013-09-17   Modyfikacja: 2013-09-22

Opis:
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.

Typ:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
10/10
10/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
Dahuasecurity -> Dvr0804hf-u-e 
Dahuasecurity -> Dvr2116c 
Dahuasecurity -> Dvr5108h 
Dahuasecurity -> Dvr5816 
Dahuasecurity -> Dvr0404hd-a 
Dahuasecurity -> Dvr1604hd-l 
Dahuasecurity -> Dvr2116h 
Dahuasecurity -> Dvr5108he 
Dahuasecurity -> Dvr6404lf-s 
Dahuasecurity -> Dvr0404hd-l 
Dahuasecurity -> Dvr1604hd-s 
Dahuasecurity -> Dvr2116hc 
Dahuasecurity -> Dvr5116c 
Dahuasecurity -> Dvr0404hd-s 
Dahuasecurity -> Dvr1604hf-a-e 
Dahuasecurity -> Dvr2116he 
Dahuasecurity -> Dvr5116h 
Dahuasecurity -> Dvr0404hd-u 
Dahuasecurity -> Dvr1604hf-al-e 
Dahuasecurity -> Dvr2404hf-s 
Dahuasecurity -> Dvr5116he 
Dahuasecurity -> Dvr0404hf-a-e 
Dahuasecurity -> Dvr1604hf-l-e 
Dahuasecurity -> Dvr2404lf-al 
Dahuasecurity -> Dvr5204a 
Dahuasecurity -> Dvr0404hf-al-e 
Dahuasecurity -> Dvr1604hf-s-e 
Dahuasecurity -> Dvr2404lf-s 
Dahuasecurity -> Dvr5204l 
Dahuasecurity -> Dvr0404hf-s-e 
Dahuasecurity -> Dvr1604hf-u-e 
Dahuasecurity -> Dvr3204hf-s 
Dahuasecurity -> Dvr5208a 
Dahuasecurity -> Dvr0404hf-u-e 
Dahuasecurity -> Dvr2104c 
Dahuasecurity -> Dvr3204lf-al 
Dahuasecurity -> Dvr5208l 
Dahuasecurity -> Dvr0804 
Dahuasecurity -> Dvr2104h 
Dahuasecurity -> Dvr3204lf-s 
Dahuasecurity -> Dvr5216a 
Dahuasecurity -> Dvr0804hd-l 
Dahuasecurity -> Dvr2104hc 
Dahuasecurity -> Dvr3224l 
Dahuasecurity -> Dvr5216l 
Dahuasecurity -> Dvr0804hd-s 
Dahuasecurity -> Dvr2104he 
Dahuasecurity -> Dvr3232l 
Dahuasecurity -> Dvr5404 
Dahuasecurity -> Dvr0804hf-a-e 
Dahuasecurity -> Dvr2108c 
Dahuasecurity -> Dvr5104c 
Dahuasecurity -> Dvr5408 
Dahuasecurity -> Dvr0804hf-al-e 
Dahuasecurity -> Dvr2108h 
Dahuasecurity -> Dvr5104h 
Dahuasecurity -> Dvr5416 
Dahuasecurity -> Dvr0804hf-l-e 
Dahuasecurity -> Dvr2108hc 
Dahuasecurity -> Dvr5104he 
Dahuasecurity -> Dvr5804 
Dahuasecurity -> Dvr0804hf-s-e 
Dahuasecurity -> Dvr2108he 
Dahuasecurity -> Dvr5108c 
Dahuasecurity -> Dvr5808 

 Referencje:
http://www.kb.cert.org/vuls/id/800094

Copyright 2024, cxsecurity.com

 

Back to Top