Lucene search

[email protected]NVD:CVE-2019-9682

HistoryMay 13, 2020 - 4:15 p.m.

CVE-2019-9682

2020-05-1316:15:12

CWE-276

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method.

Affected configurations

Nvd

Node

dahuasecuritysd6al_firmwareRange<2019-12

AND

dahuasecuritysd6alMatch-

Node

dahuasecuritysd5a_firmwareRange<2019-12

AND

dahuasecuritysd5aMatch-

Node

dahuasecuritysd1a_firmwareRange<2019-12

AND

dahuasecuritysd1aMatch-

Node

dahuasecurityptz1a_firmwareRange<2019-12

AND

dahuasecurityptz1aMatch-

Node

dahuasecuritysd50_firmwareRange<2019-12

AND

dahuasecuritysd50Match-

Node

dahuasecuritysd52c_firmwareRange<2019-12

AND

dahuasecuritysd52cMatch-

Node

dahuasecurityipc-hx5842h_firmwareRange<2019-12

AND

dahuasecurityipc-hx5842hMatch-

Node

dahuasecurityipc-hx7842h_firmwareRange<2019-12

AND

dahuasecurityipc-hx7842hMatch-

Node

dahuasecurityipc-hx2xxx_firmwareRange<2019-12

AND

dahuasecurityipc-hx2xxxMatch-

Node

dahuasecurityipc-hxxx5x4x_firmwareRange<2019-12

AND

dahuasecurityipc-hxxx5x4xMatch-

Node

dahuasecurityn42b1p_firmwareRange<2019-12

AND

dahuasecurityn42b1pMatch-

Node

dahuasecurityn42b2p_firmwareRange<2019-12

AND

dahuasecurityn42b2pMatch-

Node

dahuasecurityn42b3p_firmwareRange<2019-12

AND

dahuasecurityn42b3pMatch-

Node

dahuasecurityn52a4p_firmwareRange<2019-12

AND

dahuasecurityn52a4pMatch-

Node

dahuasecurityn54a4p_firmwareRange<2019-12

AND

dahuasecurityn54a4pMatch-

Node

dahuasecurityn52b2p_firmwareRange<2019-12

AND

dahuasecurityn52b2pMatch-

Node

dahuasecurityn52b5p_firmwareRange<2019-12

AND

dahuasecurityn52b5pMatch-

Node

dahuasecurityn52b3p_firmwareRange<2019-12

AND

dahuasecurityn52b3pMatch-

Node

dahuasecurityn54b2p_firmwareRange<2019-12

AND

dahuasecurityn54b2pMatch-

Node

dahuasecurityipc-hdbw1320e-w_firmwareRange<2019-12

AND

dahuasecurityipc-hdbw1320e-wMatch-

VendorProductVersionCPE
dahuasecuritysd6al_firmware*cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*
dahuasecuritysd6al-cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*
dahuasecuritysd5a_firmware*cpe:2.3:o:dahuasecurity:sd5a_firmware:*:*:*:*:*:*:*:*
dahuasecuritysd5a-cpe:2.3:h:dahuasecurity:sd5a:-:*:*:*:*:*:*:*
dahuasecuritysd1a_firmware*cpe:2.3:o:dahuasecurity:sd1a_firmware:*:*:*:*:*:*:*:*
dahuasecuritysd1a-cpe:2.3:h:dahuasecurity:sd1a:-:*:*:*:*:*:*:*
dahuasecurityptz1a_firmware*cpe:2.3:o:dahuasecurity:ptz1a_firmware:*:*:*:*:*:*:*:*
dahuasecurityptz1a-cpe:2.3:h:dahuasecurity:ptz1a:-:*:*:*:*:*:*:*
dahuasecuritysd50_firmware*cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*
dahuasecuritysd50-cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dahuasecurity	sd6al_firmware	*	cpe:2.3:o:dahuasecurity:sd6al_firmware::::::::
dahuasecurity	sd6al	-	cpe:2.3:h:dahuasecurity:sd6al:-:::::::*
dahuasecurity	sd5a_firmware	*	cpe:2.3:o:dahuasecurity:sd5a_firmware::::::::
dahuasecurity	sd5a	-	cpe:2.3:h:dahuasecurity:sd5a:-:::::::*
dahuasecurity	sd1a_firmware	*	cpe:2.3:o:dahuasecurity:sd1a_firmware::::::::
dahuasecurity	sd1a	-	cpe:2.3:h:dahuasecurity:sd1a:-:::::::*
dahuasecurity	ptz1a_firmware	*	cpe:2.3:o:dahuasecurity:ptz1a_firmware::::::::
dahuasecurity	ptz1a	-	cpe:2.3:h:dahuasecurity:ptz1a:-:::::::*
dahuasecurity	sd50_firmware	*	cpe:2.3:o:dahuasecurity:sd50_firmware::::::::
dahuasecurity	sd50	-	cpe:2.3:h:dahuasecurity:sd50:-:::::::*

Rows per page:

1-10 of 401

References

www.dahuasecurity.com/support/cybersecurity/details/767

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

Related for NVD:CVE-2019-9682

nessus1 prion1 cve1 cvelist1