Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-11689
HistoryJun 14, 2018 - 8:29 p.m.

CVE-2018-11689

2018-06-1420:29:00
CWE-79
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.095 Low

EPSS

Percentile

94.8%

JSON

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)

Affected configurations

NVD
Node
samsungsmartviewerMatch-
Node
hanwha-securityhrd-1642Match-
AND
hanwha-securityhrd-1642_firmwareRange1.16
Node
hanwha-securityhrd-842Match-
AND
hanwha-securityhrd-842_firmwareRange1.16
Node
hanwha-securityhrd-442Match-
AND
hanwha-securityhrd-442_firmwareRange1.16
Node
hanwha-securityhrd-1641Match-
AND
hanwha-securityhrd-1641_firmwareRange1.14
Node
hanwha-securityhrd-841Match-
AND
hanwha-securityhrd-841_firmwareRange1.14
Node
hanwha-securityhrd-840Match-
AND
hanwha-securityhrd-840_firmwareRange1.14
Node
hanwha-securityhrd-440Match-
AND
hanwha-securityhrd-440_firmwareRange1.14
Node
hanwha-securityhrd-443Match-
AND
hanwha-securityhrd-443_firmwareRange1.14
Node
hanwha-securitysrd-1694u_firmwareRange1.14
AND
hanwha-securitysrd-1694uMatch-

Related

cve 2
checkpoint_advisories 1
nessus 1
cvelist 1
packetstorm 1
prion 1
nvd 1
cve
cve
CVE-2018-11689
2018-06-14 20:29:00
CVE-2021-45817
2022-01-03 16:15:07
checkpoint_advisories
checkpoint_advisories
Samsung Smart Viewer Cross-site Scripting (CVE-2018-11689)
2020-06-28 00:00:00
nessus
nessus
Hanwha Vision Web Viewer Cross-site Scripting (CVE-2018-11689)
2024-06-26 00:00:00
cvelist
cvelist
CVE-2018-11689
2018-06-14 20:00:00
packetstorm
packetstorm
Samsung Web Viewer For Samsung DVR Cross Site Scripting
2018-06-13 00:00:00
prion
prion
Design/Logic Flaw
2018-06-14 20:29:00
nvd
nvd
CVE-2021-45817
2022-01-03 16:15:07

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.095 Low

EPSS

Percentile

94.8%

JSON
Related for NVD:CVE-2018-11689
cve2checkpoint_advisories1nessus1cvelist1packetstorm1prion1nvd1