ID
VAR-201908-0516
CVE
CVE-2019-14709
TITLE
MicroDigital N-series cameras Trust Management Issue Vulnerability
Trust: 1.2
DESCRIPTION
A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. MicroDigital N-series camera Vulnerabilities related to certificate and password management exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera from South Korean MICRODIGITAL company
Trust: 2.25
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
| category: | ['camera device'] | sub_category: | camera | Trust: 0.1 |
AFFECTED PRODUCTS
| vendor: | microdigital | model: | mdc-n2190v | scope: | lte | version: | 6400.0.8.5 | Trust: 1.8 |
| vendor: | microdigital | model: | mdc-n4090 | scope: | lte | version: | 6400.0.8.5 | Trust: 1.8 |
| vendor: | microdigital | model: | mdc-n4090w | scope: | lte | version: | 6400.0.8.5 | Trust: 1.8 |
| vendor: | microdigital | model: | n-series cameras | scope: | lte | version: | <=6400.0.8.5 | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-522 | Trust: 1.1 |
| problemtype: | CWE-255 | Trust: 0.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
trust management problem
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Top Page (kr) | url: | http://www.microdigital.co.kr/ | Trust: 0.8 |
| title: | Top Page (ru) | url: | https://www.microdigital.ru/ | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-14709 | Trust: 3.2 |
| db: | JVNDB | id: | JVNDB-2019-007598 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201908-465 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2019-42769 | Trust: 0.6 |
| db: | OTHER | id: | NONE | Trust: 0.1 |
| db: | VULHUB | id: | VHN-146682 | Trust: 0.1 |
REFERENCES
| url: | https://pastebin.com/psyqqs1g | Trust: 3.1 |
| url: | http://www.microdigital.co.kr/ | Trust: 2.3 |
| url: | https://www.microdigital.ru/ | Trust: 2.3 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-14709 | Trust: 2.0 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14709 | Trust: 0.8 |
| url: | https://ieeexplore.ieee.org/abstract/document/10769424 | Trust: 0.1 |
SOURCES
| db: | OTHER | id: | - |
| db: | CNVD | id: | CNVD-2019-42769 |
| db: | VULHUB | id: | VHN-146682 |
| db: | JVNDB | id: | JVNDB-2019-007598 |
| db: | CNNVD | id: | CNNVD-201908-465 |
| db: | NVD | id: | CVE-2019-14709 |
LAST UPDATE DATE
2025-01-30T20:18:10.137000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2019-42769 | date: | 2019-11-29T00:00:00 |
| db: | VULHUB | id: | VHN-146682 | date: | 2020-08-24T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-007598 | date: | 2019-08-15T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-465 | date: | 2020-08-25T00:00:00 |
| db: | NVD | id: | CVE-2019-14709 | date: | 2024-11-21T04:27:11.627 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2019-42769 | date: | 2019-11-29T00:00:00 |
| db: | VULHUB | id: | VHN-146682 | date: | 2019-08-06T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-007598 | date: | 2019-08-15T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-465 | date: | 2019-08-06T00:00:00 |
| db: | NVD | id: | CVE-2019-14709 | date: | 2019-08-06T23:15:12.993 |