Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-1391
HistoryOct 30, 2019 - 9:15 p.m.

CVE-2013-1391

2019-10-3021:15:11
CWE-287
[email protected]
web.nvd.nist.gov
35
cve-2013-1391
authentication bypass
web interface
remote access
device configuration
vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

JSON

Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.

Affected configurations

NVD
Node
huntcctvdvr-04ch_firmwareMatch-
AND
huntcctvdvr-04chMatch-
Node
huntcctvdvr-04nc_firmwareMatch-
AND
huntcctvdvr-04ncMatch-
Node
huntcctvdvr-08ch_firmwareMatch-
AND
huntcctvdvr-08chMatch-
Node
huntcctvdvr-08nc_firmwareMatch-
AND
huntcctvdvr-08ncMatch-
Node
huntcctvdvr-16ch_firmwareMatch-
AND
huntcctvdvr-16chMatch-
Node
huntcctvdr6-704a4h_firmwareMatch-
AND
huntcctvdr6-704a4hMatch-
Node
huntcctvdr6-708a4h_firmwareMatch-
AND
huntcctvdr6-708a4hMatch-
Node
huntcctvdr6-7316a4h_firmwareMatch-
AND
huntcctvdr6-7316a4hMatch-
Node
huntcctvdr6-7316a4hl_firmwareMatch-
AND
huntcctvdr6-7316a4hlMatch-
Node
huntcctvhdr-04kd_firmwareMatch-
AND
huntcctvhdr-04kdMatch-
Node
huntcctvhdr-08kd_firmwareMatch-
AND
huntcctvhdr-08kdMatch-
Node
capturecctvcdr_0410ve_firmwareMatch-
AND
capturecctvcdr_0410veMatch-
Node
capturecctvcdr_0820vde_firmwareMatch-
AND
capturecctvcdr_0820vdeMatch-
Node
hachihv-04rd_pro_firmwareMatch-
AND
hachihv-04rd_proMatch-
Node
hachihv-08rd_pro_firmwareMatch-
AND
hachihv-08rd_proMatch-
Node
novuscctvnv-dvr1204_firmwareMatch-
AND
novuscctvnv-dvr1204Match-
Node
novuscctvnv-dvr1208_firmwareMatch-
AND
novuscctvnv-dvr1208Match-
Node
novuscctvnv-dvr1216_firmwareMatch-
AND
novuscctvnv-dvr1216Match-
Node
vsptw-dvr604_firmwareMatch-
AND
vsptw-dvr604Match-
Node
vsptw-dvr616_firmwareMatch-
AND
vsptw-dvr616Match-

Related

openvas 1
cvelist 1
nvd 1
packetstorm 1
nessus 1
checkpoint_advisories 1
prion 1
openvas
openvas
Multiple DVR Information Disclosure Vulnerability
2013-02-01 00:00:00
cvelist
cvelist
CVE-2013-1391
2019-10-30 20:36:40
nvd
nvd
CVE-2013-1391
2019-10-30 21:15:11
packetstorm
packetstorm
Hunt CCTV Credential Disclosure
2013-01-28 00:00:00
nessus
nessus
Hunt CCTV DVR.cfg Direct Request Information Disclosure
2013-02-06 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Products DVR Configuration Disclosure (CVE-2013-1391)
2013-10-21 00:00:00
prion
prion
Authentication flaw
2019-10-30 21:15:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

JSON
Related for CVE-2013-1391
openvas1cvelist1nvd1packetstorm1nessus1checkpoint_advisories1prion1