Sign-up

ID

VAR-201711-1059


CVE

CVE-2017-8863


TITLE

Cohu 3960HD Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2017-010789

DESCRIPTION

Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser. Cohu 3960HD Contains an information disclosure vulnerability.Information may be obtained. The Cohu3960HD is an IP zoom camera from Cohu Corporation of the United States and is generally used as a traffic camera

Trust: 2.25

sources: NVD: CVE-2017-8863 // JVNDB: JVNDB-2017-010789 // CNVD: CNVD-2017-37750 // VULHUB: VHN-117066

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-37750

AFFECTED PRODUCTS

vendor:cohuhdmodel:3960hdscope:eqversion: -

Trust: 1.6

vendor:cohuhd costarmodel:3960hdscope: - version: -

Trust: 0.8

vendor:cohumodel:3960hdscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2017-37750 // JVNDB: JVNDB-2017-010789 // CNNVD: CNNVD-201705-610 // NVD: CVE-2017-8863

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-8863
value: HIGH

Trust: 1.0

NVD: CVE-2017-8863
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-37750
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201705-610
value: MEDIUM

Trust: 0.6

VULHUB: VHN-117066
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-8863
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-37750
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-117066
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-8863
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-37750 // VULHUB: VHN-117066 // JVNDB: JVNDB-2017-010789 // CNNVD: CNNVD-201705-610 // NVD: CVE-2017-8863

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-117066 // JVNDB: JVNDB-2017-010789 // NVD: CVE-2017-8863

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-610

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201705-610

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-010789

PATCH
title:Cohu 3960HDurl:http://www.cohuhd.com/Files/datasheet/3960HD.pdf
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-010789

EXTERNAL IDS
db:NVDid:CVE-2017-8863
Trust: 3.1
db:JVNDBid:JVNDB-2017-010789
Trust: 0.8
db:CNNVDid:CNNVD-201705-610
Trust: 0.7
db:CNVDid:CNVD-2017-37750
Trust: 0.6
db:VULHUBid:VHN-117066
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-37750 // 
            
            
            
            VULHUB: VHN-117066 // 
            
            
            
            JVNDB: JVNDB-2017-010789 // 
            
            
            
            CNNVD: CNNVD-201705-610 // 
            
            
            
            NVD: CVE-2017-8863

REFERENCES
url:https://bneg.io/2017/05/12/vulnerabilities-in-cohu-3960hd/
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2017-8863
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8863
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2017-37750 // 
            
            
            
            VULHUB: VHN-117066 // 
            
            
            
            JVNDB: JVNDB-2017-010789 // 
            
            
            
            CNNVD: CNNVD-201705-610 // 
            
            
            
            NVD: CVE-2017-8863

SOURCES
db:CNVDid:CNVD-2017-37750
db:VULHUBid:VHN-117066
db:JVNDBid:JVNDB-2017-010789
db:CNNVDid:CNNVD-201705-610
db:NVDid:CVE-2017-8863

LAST UPDATE DATE
2025-04-20T23:24:50.301000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-37750date:2017-12-21T00:00:00
db:VULHUBid:VHN-117066date:2017-12-12T00:00:00
db:JVNDBid:JVNDB-2017-010789date:2017-12-25T00:00:00
db:CNNVDid:CNNVD-201705-610date:2017-11-24T00:00:00
db:NVDid:CVE-2017-8863date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-37750date:2017-12-21T00:00:00
db:VULHUBid:VHN-117066date:2017-11-22T00:00:00
db:JVNDBid:JVNDB-2017-010789date:2017-12-25T00:00:00
db:CNNVDid:CNNVD-201705-610date:2017-05-12T00:00:00
db:NVDid:CVE-2017-8863date:2017-11-22T08:29:00.397