Sign-up

ID

VAR-201803-1779


CVE

CVE-2018-6302


TITLE

Hanwha Techwin Smartcam Vulnerabilities related to security functions in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2018-002850

DESCRIPTION

Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Vulnerabilities related to security functions exist in the firmware.Service operation interruption (DoS) There is a possibility of being put into a state. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. There is a denial of service vulnerability in HanwhaTechwinSmartcam. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea. There is a security flaw in Hanwha Techwin Smartcams

Trust: 2.34

sources: NVD: CVE-2018-6302 // JVNDB: JVNDB-2018-002850 // CNVD: CNVD-2018-05237 // VULHUB: VHN-136334 // VULMON: CVE-2018-6302

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-05237

AFFECTED PRODUCTS

vendor:hanwha securitymodel:snh-v6410pnscope:eqversion: -

Trust: 1.6

vendor:hanwha securitymodel:snh-v6410pnwscope:eqversion: -

Trust: 1.6

vendor:hanwha techwinmodel:snh-v6410pnscope: - version: -

Trust: 0.8

vendor:hanwha techwinmodel:snh-v6410pnwscope: - version: -

Trust: 0.8

vendor:hanwhamodel:techwin smartcamsscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2018-05237 // JVNDB: JVNDB-2018-002850 // CNNVD: CNNVD-201803-383 // NVD: CVE-2018-6302

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-6302
value: HIGH

Trust: 1.0

NVD: CVE-2018-6302
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-05237
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201803-383
value: HIGH

Trust: 0.6

VULHUB: VHN-136334
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-6302
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-6302
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-05237
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-136334
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-6302
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-05237 // VULHUB: VHN-136334 // VULMON: CVE-2018-6302 // JVNDB: JVNDB-2018-002850 // CNNVD: CNNVD-201803-383 // NVD: CVE-2018-6302

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-254

Trust: 0.9

sources: VULHUB: VHN-136334 // JVNDB: JVNDB-2018-002850 // NVD: CVE-2018-6302

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-383

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201803-383

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-002850

PATCH
title:SNH-V6410PN/PNWurl:https://www.hanwha-security.eu/home-security-products/snh-v6410pn/
Trust: 0.8
title:Patch for HanwhaTechwinSmartcam Denial of Service Vulnerability (CNVD-2018-05237)url:https://www.cnvd.org.cn/patchInfo/show/121445
Trust: 0.6
title:Hanwha Techwin Smartcams Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79078
Trust: 0.6
title:Securelisturl:https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-05237 // 
            
            
            
            VULMON: CVE-2018-6302 // 
            
            
            
            JVNDB: JVNDB-2018-002850 // 
            
            
            
            CNNVD: CNNVD-201803-383

EXTERNAL IDS
db:NVDid:CVE-2018-6302
Trust: 3.2
db:JVNDBid:JVNDB-2018-002850
Trust: 0.8
db:CNNVDid:CNNVD-201803-383
Trust: 0.7
db:CNVDid:CNVD-2018-05237
Trust: 0.6
db:VULHUBid:VHN-136334
Trust: 0.1
db:VULMONid:CVE-2018-6302
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-05237 // 
            
            
            
            VULHUB: VHN-136334 // 
            
            
            
            VULMON: CVE-2018-6302 // 
            
            
            
            JVNDB: JVNDB-2018-002850 // 
            
            
            
            CNNVD: CNNVD-201803-383 // 
            
            
            
            NVD: CVE-2018-6302

REFERENCES
url:https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/
Trust: 2.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-6302
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6302
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-05237 // 
            
            
            
            VULHUB: VHN-136334 // 
            
            
            
            VULMON: CVE-2018-6302 // 
            
            
            
            JVNDB: JVNDB-2018-002850 // 
            
            
            
            CNNVD: CNNVD-201803-383 // 
            
            
            
            NVD: CVE-2018-6302

SOURCES
db:CNVDid:CNVD-2018-05237
db:VULHUBid:VHN-136334
db:VULMONid:CVE-2018-6302
db:JVNDBid:JVNDB-2018-002850
db:CNNVDid:CNNVD-201803-383
db:NVDid:CVE-2018-6302

LAST UPDATE DATE
2024-11-23T21:53:18.356000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-05237date:2018-03-14T00:00:00
db:VULHUBid:VHN-136334date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-6302date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2018-002850date:2018-05-02T00:00:00
db:CNNVDid:CNNVD-201803-383date:2019-10-23T00:00:00
db:NVDid:CVE-2018-6302date:2024-11-21T04:10:26.737

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-05237date:2018-03-14T00:00:00
db:VULHUBid:VHN-136334date:2018-03-13T00:00:00
db:VULMONid:CVE-2018-6302date:2018-03-13T00:00:00
db:JVNDBid:JVNDB-2018-002850date:2018-05-02T00:00:00
db:CNNVDid:CNNVD-201803-383date:2018-03-16T00:00:00
db:NVDid:CVE-2018-6302date:2018-03-13T17:29:00.747