Sign-up

ID

VAR-201906-0270


CVE

CVE-2019-12763


TITLE

Android for Security Camera CZ Information disclosure vulnerability in applications

Trust: 0.8

sources: JVNDB: JVNDB-2019-005365

DESCRIPTION

The Security Camera CZ application through 1.6.8 for Android stores potentially sensitive recorded video in external data storage, which is readable by any application. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components

Trust: 1.71

sources: NVD: CVE-2019-12763 // JVNDB: JVNDB-2019-005365 // VULHUB: VHN-144542

AFFECTED PRODUCTS

vendor:securitycameramodel:security camera czscope:lteversion:1.6.8

Trust: 1.0

vendor:security cameramodel:czscope:lteversion:1.6.8

Trust: 0.8

sources: JVNDB: JVNDB-2019-005365 // NVD: CVE-2019-12763

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12763
value: HIGH

Trust: 1.0

NVD: CVE-2019-12763
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201906-289
value: HIGH

Trust: 0.6

VULHUB: VHN-144542
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-12763
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-144542
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12763
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-144542 // JVNDB: JVNDB-2019-005365 // CNNVD: CNNVD-201906-289 // NVD: CVE-2019-12763

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-200

Trust: 0.9

sources: VULHUB: VHN-144542 // JVNDB: JVNDB-2019-005365 // NVD: CVE-2019-12763

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-289

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201906-289

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-005365

PATCH
title:Security Camera CZurl:https://play.google.com/store/apps/details?id=cz.scamera.securitycamera&hl=en_US
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-005365

EXTERNAL IDS
db:NVDid:CVE-2019-12763
Trust: 2.5
db:JVNDBid:JVNDB-2019-005365
Trust: 0.8
db:CNNVDid:CNNVD-201906-289
Trust: 0.7
db:VULHUBid:VHN-144542
Trust: 0.1
sources:
            
            
            VULHUB: VHN-144542 // 
            
            
            
            JVNDB: JVNDB-2019-005365 // 
            
            
            
            CNNVD: CNNVD-201906-289 // 
            
            
            
            NVD: CVE-2019-12763

REFERENCES
url:https://hansesecure.de/2019/05/vulnerability-security-camera-cz-storage/
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2019-12763
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12763
Trust: 0.8
sources:
            
            
            VULHUB: VHN-144542 // 
            
            
            
            JVNDB: JVNDB-2019-005365 // 
            
            
            
            CNNVD: CNNVD-201906-289 // 
            
            
            
            NVD: CVE-2019-12763

SOURCES
db:VULHUBid:VHN-144542
db:JVNDBid:JVNDB-2019-005365
db:CNNVDid:CNNVD-201906-289
db:NVDid:CVE-2019-12763

LAST UPDATE DATE
2024-11-23T22:25:55.349000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-144542date:2019-06-10T00:00:00
db:JVNDBid:JVNDB-2019-005365date:2019-06-19T00:00:00
db:CNNVDid:CNNVD-201906-289date:2019-06-11T00:00:00
db:NVDid:CVE-2019-12763date:2024-11-21T04:23:31.550

SOURCES RELEASE DATE
db:VULHUBid:VHN-144542date:2019-06-07T00:00:00
db:JVNDBid:JVNDB-2019-005365date:2019-06-19T00:00:00
db:CNNVDid:CNNVD-201906-289date:2019-06-07T00:00:00
db:NVDid:CVE-2019-12763date:2019-06-07T12:29:00.237