Details of VAR-202005-0309

ID

VAR-202005-0309

CVE

CVE-2020-11949

TITLE

plural VIVOTEK Network Camera Vulnerability regarding information leakage in

Trust: 0.8

sources: JVNDB: JVNDB-2020-005968

DESCRIPTION

testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices. plural VIVOTEK Network Camera There is an information leakage vulnerability in.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2020-11949 // JVNDB: JVNDB-2020-005968

AFFECTED PRODUCTS

vendor:	vivotek	model:	fd816ba-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd816ca-hf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fe9181-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib8360-w	scope:	lte	version:	0113a	Trust: 1.0
vendor:	vivotek	model:	fd9389-htv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	tb9330-e	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib8382-t	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9391-eht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	sd9364-eh	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	fe9191	scope:	lte	version:	0124c	Trust: 1.0
vendor:	vivotek	model:	fd9367-htv\	scope:	eq	version:	-	Trust: 1.0
vendor:	vivotek	model:	fd8182-f2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd836ba-ehvf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9364-ehl	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	fd9187-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	sd9362-eh	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	fd9181-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9365-eht-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	fd8182-f1	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9389-ehm	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib836b-hf3	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	md9581-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9167-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9367-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9387-ehv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9189-hm	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib9389-eht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib836b-eht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9380-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	it9380-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fe9182-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fe9382-ehv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9165-hp	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd816c-hf2	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	md8563-deh	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9389-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	it9360-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fd9367-ehtv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd836b-hvf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9164-ht	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	ib836ba-ehf3	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9365-ehl	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	ip9172-lpc\	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	md9561-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	tb9331-e	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd8382-vf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9365-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib836b-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9365-ehtv-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	fd9380-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fe9381-ehv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9367-eh	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8379-hv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib8360	scope:	lte	version:	0113a	Trust: 1.0
vendor:	vivotek	model:	ib9360-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	ib9387-eht-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	cc8371-hv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9165-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd836ba-htv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8382-evf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8179-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	md9560-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	sd9361-ehl	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	cd8371-hnvf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9191-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib8382-ef3	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8169a	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	md8563-eh	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9363-ehl-v2	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	it9389-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd816b-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9189-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd8382-tv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9167-hp	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8377-hv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9167-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9381-ehtv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8367a-v	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	ib8377-eht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9389-hm	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9166-hn	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	ib9381-eht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9387-ht-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	fd9389-hmv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib8377-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9365-htv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	sd9161-h	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	ib9365-eht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib9367-eht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9387-eh	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib9387-eht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9389-ehtv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib836ba-hf3	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9389-eh	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	cc8370-hv	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	fd9365-ehtv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9167-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ma9322-ehtv	scope:	lte	version:	0114c	Trust: 1.0
vendor:	vivotek	model:	fd8366-v	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9366-eh-v2	scope:	lte	version:	0104j	Trust: 1.0
vendor:	vivotek	model:	cd8371-hntv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9387-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9389-ehv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fe9380-hv	scope:	lte	version:	0222k	Trust: 1.0
vendor:	vivotek	model:	sd9364-eh-v2	scope:	lte	version:	0104j	Trust: 1.0
vendor:	vivotek	model:	vc8101	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib8367a	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	md8564-eh	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9374-ehl	scope:	lte	version:	0123b	Trust: 1.0
vendor:	vivotek	model:	fd8177-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd816ba-hf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	cc8160\	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9371-eht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9366-hv	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	ib8377-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	md9560-dh	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	cc8160	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9362-ehl	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	fd9389-ehmv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9367-htv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fe9391-ev	scope:	lte	version:	0124c	Trust: 1.0
vendor:	vivotek	model:	it9389-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9187-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	sd9366-ehl	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	ma9321-ehtv	scope:	lte	version:	0113a	Trust: 1.0
vendor:	vivotek	model:	ip8160-w	scope:	lte	version:	0113a	Trust: 1.0
vendor:	vivotek	model:	fd9189-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd8167a	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	fd8166a	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	fd9365-htv-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	fd9387-ehtv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9187-ht-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	ip9181-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd836b-ehtv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd836ba-ehtv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8182-t	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib8369a	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	fd9387-ehtv-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	ib9365-ht-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	fd8377-ehtv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9364-ehl-v2	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	fe9180-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9368-ht	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fd9368-htv	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fd836ba-hvf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	vs8100-v2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ms9390-hv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ip9164-lpc	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	ip8166	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	ib9389-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd836b-ehvf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip8160	scope:	lte	version:	0113a	Trust: 1.0
vendor:	vivotek	model:	fe9582-ehnv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9367-hv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9171-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9365-htvl	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	ib8382-et	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8166a-n	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9391-ehtv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd8177-h	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9165-ht	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	it9388-ht	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	ib836b-hrf3	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9389-hv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9387-htv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	cc9381-hv	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	ib9367-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9363-ehl	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	ib836ba-eht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ip9171-hp	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd816b-hf2	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ms9321-ehv	scope:	lte	version:	0100i	Trust: 1.0
vendor:	vivotek	model:	ib836ba-ht	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8369a-v	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	ip9165-lpc\	scope:	lte	version:	0113d	Trust: 1.0
vendor:	vivotek	model:	sd9362-eh-v2	scope:	lte	version:	0104j	Trust: 1.0
vendor:	vivotek	model:	ib8382-f3	scope:	lte	version:	0213b	Trust: 1.0
vendor:	vivotek	model:	fd9371-ehtv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd8377-htv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib836b-ehf3	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	sd9366-eh	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	ib9387-h	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	iz9361-eh	scope:	lte	version:	0114a	Trust: 1.0
vendor:	vivotek	model:	fd9165-ht-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	md8565-n	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	ib9388-ht	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fd9387-htv-a	scope:	lte	version:	0100m	Trust: 1.0
vendor:	vivotek	model:	ip9165-lpc	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9360-h	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	ip9191-hp	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd836b-htv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	fd9387-hv	scope:	lte	version:	0121d	Trust: 1.0
vendor:	vivotek	model:	fd9388-htv	scope:	lte	version:	0222g	Trust: 1.0
vendor:	vivotek	model:	fd8382-etv	scope:	lte	version:	0113b	Trust: 1.0
vendor:	vivotek	model:	cc9381-hv	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	fd9360-h	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	fd9368-htv	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	fd9380-h	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	fd9388-htv	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	ib9360-h	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	ib9368-ht	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	ib9380-h	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	ib9388-ht	scope:	-	version:	-	Trust: 0.8
vendor:	vivotek	model:	it9360-h	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-005968 // NVD: CVE-2020-11949

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-11949
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-005968
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202005-1376
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2020-11949
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-005968
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2020-11949
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-005968
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2020-005968 // CNNVD: CNNVD-202005-1376 // NVD: CVE-2020-11949

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-200	Trust: 0.8

sources: JVNDB: JVNDB-2020-005968 // NVD: CVE-2020-11949

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-1376

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202005-1376

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005968

PATCH

title:	VVTK-SA-2020-001	url:	http://download.vivotek.com/downloadfile/support/cyber-security/vvtk-sa-2020-001-v1.pdf	Trust: 0.8
title:	Multiple Vivotek Product information disclosure vulnerability repair measures	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120179	Trust: 0.6

sources: JVNDB: JVNDB-2020-005968 // CNNVD: CNNVD-202005-1376

EXTERNAL IDS

db:	NVD	id:	CVE-2020-11949	Trust: 2.4
db:	JVNDB	id:	JVNDB-2020-005968	Trust: 0.8
db:	CNNVD	id:	CNNVD-202005-1376	Trust: 0.6

sources: JVNDB: JVNDB-2020-005968 // CNNVD: CNNVD-202005-1376 // NVD: CVE-2020-11949

REFERENCES

url:	http://download.vivotek.com/downloadfile/support/cyber-security/vvtk-sa-2020-001-v1.pdf	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11949	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-11949	Trust: 0.8

sources: JVNDB: JVNDB-2020-005968 // CNNVD: CNNVD-202005-1376 // NVD: CVE-2020-11949

SOURCES

db:	JVNDB	id:	JVNDB-2020-005968
db:	CNNVD	id:	CNNVD-202005-1376
db:	NVD	id:	CVE-2020-11949

LAST UPDATE DATE

2024-11-23T22:29:37.976000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2020-005968	date:	2020-06-25T00:00:00
db:	CNNVD	id:	CNNVD-202005-1376	date:	2020-06-12T00:00:00
db:	NVD	id:	CVE-2020-11949	date:	2024-11-21T04:58:57.877

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2020-005968	date:	2020-06-25T00:00:00
db:	CNNVD	id:	CNNVD-202005-1376	date:	2020-05-28T00:00:00
db:	NVD	id:	CVE-2020-11949	date:	2020-05-28T13:15:11.317