Details of VAR-202107-1713

ID

VAR-202107-1713

TITLE

Hikvision security access gateway has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-45910

DESCRIPTION

Hangzhou Hikvision Digital Technology Co., Ltd. is a leading provider of security products and industry solutions. Hikvision security access gateway has weak password vulnerability. Attackers can use this vulnerability to log in to the background to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-45910

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-45910

AFFECTED PRODUCTS

vendor:

hikvision digital

model:

secure access gateway

scope:

version:

v1.0

Trust: 0.6

sources: CNVD: CNVD-2021-45910

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-45910
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-45910
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-45910

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-45910

Trust: 0.6

sources: CNVD: CNVD-2021-45910

SOURCES

db:

CNVD

id:

CNVD-2021-45910

LAST UPDATE DATE

2022-05-04T10:17:55.792000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-45910

date:

2021-06-30T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-45910

date:

2021-07-31T00:00:00