Sign-up

ID

VAR-201903-1645


TITLE

Kodak Video Cloud MCU Device has a cross-site request forgery vulnerability

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

DESCRIPTION

Kodak Video Cloud MCU The device has a cross-site request forgery vulnerability. Venue management and end conference exist CSRF Vulnerability, which could be exploited by an attacker to execute CSRF attack.

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

AFFECTED PRODUCTS

vendor:cpe a keda jdmodel: - scope:eqversion:6000

Trust: 0.2

vendor:cpe a keda jdsmodel: - scope:eqversion:6000

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: a26e0288-3fe9-11e9-9841-00900b69299a
value: HIGH

Trust: 0.2

IVD: a26e0288-3fe9-11e9-9841-00900b69299a
severity: HIGH
baseScore: 8.8
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

TYPE

Cross Site Request Forgery

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

EXTERNAL IDS

db:IVDid:A26E0288-3FE9-11E9-9841-00900B69299A

Trust: 0.2

sources: IVD: a26e0288-3fe9-11e9-9841-00900b69299a

SOURCES

db:IVDid:a26e0288-3fe9-11e9-9841-00900b69299a

LAST UPDATE DATE

2022-05-04T10:26:14.433000+00:00


SOURCES UPDATE DATE


SOURCES RELEASE DATE

db:IVDid:a26e0288-3fe9-11e9-9841-00900b69299adate:2019-03-07T00:00:00