Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-18230
HistoryOct 31, 2019 - 10:15 p.m.

CVE-2019-18230

2019-10-3122:15:11
CWE-306
[email protected]
web.nvd.nist.gov
99
honeywell
equip
performance series
ip cameras
vulnerability
unauthenticated access
audio streaming
http
nvd
cve-2019-18230

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

JSON

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.

Affected configurations

NVD
Node
honeywellh4d8pr1_firmwareRange<1.000.hw01.3.20190820
AND
honeywellh4d8pr1Match-
Node
honeywellhfd5pr1_firmwareRange<1.000.hw01.1.20190822
AND
honeywellhfd5pr1Match-
Node
honeywellhpw2p1_firmwareRange<1.000.hw01.3.20190820
AND
honeywellhpw2p1Match-
Node
honeywellhdzp304di_firmwareRange<1.000.hw10.5.20190812
AND
honeywellhdzp304diMatch-
Node
honeywellhdzp252di_firmwareRange<1.000.hw02.3.20181109
AND
honeywellhdzp252diMatch-
Node
honeywellhdz302din-s1_firmwareRange<1.000.0041.20180530
AND
honeywellhdz302din-s1Match-
Node
honeywellhdz302lik_firmwareRange<1.000.61.1.20180607
AND
honeywellhdz302likMatch-
Node
honeywellhdz302liw_firmwareRange<1.000.61.1.20180607
AND
honeywellhdz302liwMatch-
Node
honeywellhfd6gr1_firmwareRange<1.000.hw00.9.20180510
AND
honeywellhfd6gr1Match-
Node
honeywellhfd8gr1_firmwareRange<1.000.hw00.9.20180510
AND
honeywellhfd8gr1Match-
Node
honeywellhm4l8gr1_firmwareRange<1.000.hw02.8.20190813
AND
honeywellhm4l8gr1Match-
Node
honeywellhmbl8gr1_firmwareRange<1.000.hw02.8.20190813
AND
honeywellhmbl8gr1Match-
Node
honeywellh2w2gr1_firmwareRange<1.000.0000.18.20190409
AND
honeywellh2w2gr1Match-
Node
honeywellh3w2gr1_firmwareRange<1.000.hw00.21.20190812
AND
honeywellh3w2gr1Match-
Node
honeywellh3w2gr1v_firmwareRange<1.000.0000.18.20190409
AND
honeywellh3w2gr1vMatch-
Node
honeywellh3w2gr2_firmwareRange<1.000.hw00.21.20190812
AND
honeywellh3w2gr2Match-
Node
honeywellh3w4gr1_firmwareRange<1.000.hw00.21.20190812
AND
honeywellh3w4gr1Match-
Node
honeywellh3w4gr1v_firmwareRange<1.000.0000.18.20190409
AND
honeywellh3w4gr1vMatch-
Node
honeywellh4d8gr1_firmwareRange<2.420.hw00.9.20180510
AND
honeywellh4d8gr1Match-
Node
honeywellh4l2gr1_firmwareRange<1.000.0000.18.20190423
AND
honeywellh4l2gr1Match-
Node
honeywellh4l2gr1v_firmwareRange<1.000.0000.18.20190423
AND
honeywellh4l2gr1vMatch-
Node
honeywellh4l6gr2_firmwareRange<1.000.hw02.8.20190813
AND
honeywellh4l6gr2Match-
Node
honeywellh4lggr2_firmwareRange<1.000.hw04.3.20190813
AND
honeywellh4lggr2Match-
Node
honeywellh4w2gr1_firmwareRange<1.000.hw00.21.20190812
AND
honeywellh4w2gr1Match-
Node
honeywellh4w2gr1v_firmwareRange<1.000.0000.18.20190409
AND
honeywellh4w2gr1vMatch-
Node
honeywellh4w2gr2_firmwareRange<1.000.hw00.21.20190812
AND
honeywellh4w2gr2Match-
Node
honeywellh4w4gr1_firmwareRange<1.000.hw00.21.20190812
AND
honeywellh4w4gr1Match-
Node
honeywellh4w4gr1v_firmwareRange<1.000.0000.18.20190409
AND
honeywellh4w4gr1vMatch-
Node
honeywellhbd8gr1_firmwareRange<2.420.hw00.9.20180510
AND
honeywellhbd8gr1Match-
Node
honeywellhbl2gr1_firmwareRange<2.420.hw01.33.20190812
AND
honeywellhbl2gr1Match-
Node
honeywellhbl2gr1v_firmwareRange<1.000.0000.18.20190423
AND
honeywellhbl2gr1vMatch-
Node
honeywellhbl6gr2_firmwareRange<1.000.hw04.3.20190813
AND
honeywellhbl6gr2Match-
Node
honeywellhbl6gr2_firmwareRange<1.000.hw02.8.20190813
AND
honeywellhbl6gr2Match-
Node
honeywellhbw2gr1_firmwareRange<1.000.hw00.21.20190812
AND
honeywellhbw2gr1Match-
Node
honeywellhbw2gr1v_firmwareRange<1.000.0000.18.20190409
AND
honeywellhbw2gr1vMatch-
Node
honeywellhbw2gr3_firmwareRange<1.000.hw00.21.20190812
AND
honeywellhbw2gr3Match-
Node
honeywellhbw2gr3v_firmwareRange<1.000.0000.18.20190409
AND
honeywellhbw2gr3vMatch-
Node
honeywellhbw4gr1_firmwareRange<1.000.hw00.21.20190812
AND
honeywellhbw4gr1Match-
Node
honeywellhbw4gr1v_firmwareRange<1.000.0000.18.20190409
AND
honeywellhbw4gr1vMatch-
Node
honeywellhcd8g_firmwareRange<2.420.hw00.9.20180510
AND
honeywellhcd8gMatch-
Node
honeywellhcl2g_firmwareRange<1.000.0000.18.20190423
AND
honeywellhcl2gMatch-
Node
honeywellhcl2gv_firmwareRange<1.000.0000.18.20190423
AND
honeywellhcl2gvMatch-
Node
honeywellhcw2g_firmwareRange<1.000.hw00.21.20190812
AND
honeywellhcw2gMatch-
Node
honeywellhcw2gv_firmwareRange<1.000.0000.18.20190409
AND
honeywellhcw2gvMatch-
Node
honeywellhcw4g_firmwareRange<1.000.hw00.21.20190812
AND
honeywellhcw4gMatch-
Node
honeywellhdz302d_firmwareRange<1.000.0041.20180530
AND
honeywellhdz302dMatch-
Node
honeywellhdz302de_firmwareRange<1.000.0041.20180530
AND
honeywellhdz302deMatch-
Node
honeywellhdz302din_firmwareRange<1.000.0041.20180530
AND
honeywellhdz302dinMatch-
Node
honeywellhdz302din-c1_firmwareRange<1.000.0041.20180530
AND
honeywellhdz302din-c1Match-

CNA Affected

[
  {
    "product": "Honeywell equIP & Performance series IP cameras",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "equIP Camera,Vulnability fixed from version,H2W2GR1 1.000.0000.18.20190409,H3W2GR1 1.000.HW00.21.20190812,H3W2GR1V 1.000.0000.18.20190409,H3W2GR2 1.000.HW00.21.20190812,H3W4GR1 1.000.HW00.21.20190812,H3W4GR1V 1.000.0000.18.20190409,H4D8GR1 2.420.HW00.9.20180510,H4L2GR1 1.000.0000.18.20190423,H4L2GR1V 1.000.0000.18.20190423,H4L6GR2 1.000.HW02.8.20190813,H4LGGR2 .000.HW04.3.20190813,H4W2GR1 1.000.HW00.21.20190812,H4W2GR1V 1.000.0000.18.20190409,H4W2GR2 1.000.HW00.21.20190812,H4W4GR1 1.000.HW00.21.20190812,H4W4GR1V 1.000.0000.18.20190409,HBD8GR1 2.420.HW00.9.20180510,HBL2GR1 2.420.HW01.33.20190812,HBL2GR1V 1.000.0000.18.20190423,HBL6GR2 1.000.HW04.3.20190813,HBL6GR2 1.000.HW02.8.20190813,HBW2GR1 1.000.HW00.21.20190812, HBW2GR1V 1.000.0000.18.20190409,HBW2GR3 1.000.HW00.21.20190812,HBW2GR3V 1.000.0000.18.20190409,HBW4GR1 1.000.HW00.21.20190812, HBW4GR1V 1.000.0000.18.20190409,HCD8G 2.420.HW00.9.20180510,HCL2G 1.000.0000.18.20190423,HCL2GV 1.000.0000.18.20190423,HCW2G 1.000.HW00.21.20190812,HCW2GV  ...[truncated*]"
      }
    ]
  }
]

Related

symantec 1
prion 1
cvelist 1
nvd 1
ics 1
symantec
symantec
Multiple Honeywell Products CVE-2019-18230 Unauthorized Access Vulnerability
2019-09-04 00:00:00
prion
prion
Design/Logic Flaw
2019-10-31 22:15:00
cvelist
cvelist
CVE-2019-18230
2019-10-31 21:15:32
nvd
nvd
CVE-2019-18230
2019-10-31 22:15:11
ics
ics
Honeywell equIP and Performance Series IP Cameras
2019-10-31 12:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

JSON
Related for CVE-2019-18230
symantec1prion1cvelist1nvd1ics1