Sign-up

ID

VAR-201903-1650


TITLE

Kodak Video Cloud MCU Device has unauthorized access vulnerability

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

DESCRIPTION

Kodak Video Cloud MCU The device has an unauthorized access vulnerability. There is a problem of unauthorized data export. A large amount of sensitive data can be downloaded without logging in, including point-to-point records, multipoint records, phone records, and conference statistics.

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

AFFECTED PRODUCTS

vendor:cpe a keda jdmodel: - scope:eqversion:6000

Trust: 0.2

vendor:cpe a keda jdsmodel: - scope:eqversion:6000

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: 7a76df5a-3feb-11e9-948c-00900b69299a
value: LOW

Trust: 0.2

IVD: 7a76df5a-3feb-11e9-948c-00900b69299a
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

TYPE

Permission permission and access control

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

EXTERNAL IDS

db:IVDid:7A76DF5A-3FEB-11E9-948C-00900B69299A

Trust: 0.2

sources: IVD: 7a76df5a-3feb-11e9-948c-00900b69299a

SOURCES

db:IVDid:7a76df5a-3feb-11e9-948c-00900b69299a

LAST UPDATE DATE

2022-05-04T10:15:40.225000+00:00


SOURCES UPDATE DATE


SOURCES RELEASE DATE

db:IVDid:7a76df5a-3feb-11e9-948c-00900b69299adate:2019-03-07T00:00:00