Sign-up

ID

VAR-202104-2005


TITLE

Many Hikvision IP Cameras have weak password vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2021-16920

DESCRIPTION

Hikvision is a video-centric intelligent IoT solution and big data service provider. Many Hikvision IP Cameras have weak password vulnerabilities. Attackers use this vulnerability to log in to the system backend to gain administrator privileges.

Trust: 0.6

sources: CNVD: CNVD-2021-16920

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-16920

AFFECTED PRODUCTS

vendor:hikvision digitalmodel:ds-7804n-shscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:ds-7804n-snhscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:ds-7816hw-snhscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:ds-8116hf-shscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:ds-8116hws-shscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:ds-8632n-stscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:ds-9632n-stscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:network hard disk video recorder: ds-7808h-shtscope: - version: -

Trust: 0.6

vendor:hikvision digitalmodel:network hard disk video recorder: ds-7808h-snhscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-16920

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-16920
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2021-16920
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-16920

PATCH

title:Patch for Many Hikvision IP Cameras have weak password vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/305146

Trust: 0.6

sources: CNVD: CNVD-2021-16920

EXTERNAL IDS

db:CNVDid:CNVD-2021-16920

Trust: 0.6

sources: CNVD: CNVD-2021-16920

SOURCES

db:CNVDid:CNVD-2021-16920

LAST UPDATE DATE

2022-05-04T10:07:12.599000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-16920date:2021-12-14T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-16920date:2021-04-02T00:00:00