Search criteria
17 vulnerabilities found for BVMS by Bosch
VAR-202002-1207
Vulnerability from variot - Updated: 2023-12-18 13:56A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. plural Bosch The product contains a past traversal vulnerability.Information may be obtained. Bosch DIVAR IP 3000 is a 3000 series video recorder from the German company Bosch (Bosch). The vulnerability stems from a network system or product failing to properly filter resources or special elements in the file path. An attacker can use this vulnerability to access a location outside the restricted directory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-1207",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "video management system",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "10.0.0.1225"
},
{
"model": "video management system viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "bosch",
"version": "10.0"
},
{
"model": "video management system viewer",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "7.5"
},
{
"model": "video management system viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "bosch",
"version": "9.0"
},
{
"model": "video management system",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "8.0.0.329"
},
{
"model": "video management system",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "9.0.0.827"
},
{
"model": "video management system",
"scope": "gte",
"trust": 1.0,
"vendor": "bosch",
"version": "9.0"
},
{
"model": "video management system viewer",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "10.0.0.1225"
},
{
"model": "video management system viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "bosch",
"version": "8.0"
},
{
"model": "video management system viewer",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "8.0.329"
},
{
"model": "video management system",
"scope": "gte",
"trust": 1.0,
"vendor": "bosch",
"version": "10.0"
},
{
"model": "video management system",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "7.5"
},
{
"model": "video management system viewer",
"scope": "lte",
"trust": 1.0,
"vendor": "bosch",
"version": "9.0.0.827"
},
{
"model": "video management system",
"scope": "gte",
"trust": 1.0,
"vendor": "bosch",
"version": "8.0"
},
{
"model": "bvms viewer",
"scope": null,
"trust": 0.8,
"vendor": "robert bosch",
"version": null
},
{
"model": "video recording manager",
"scope": null,
"trust": 0.8,
"vendor": "robert bosch",
"version": null
},
{
"model": "divar ip",
"scope": "eq",
"trust": 0.6,
"vendor": "bosch",
"version": "3000"
},
{
"model": "bvms",
"scope": "gte",
"trust": 0.6,
"vendor": "bosch",
"version": "10.0,\u003c=10.0.0.1225"
},
{
"model": "bvms",
"scope": "gte",
"trust": 0.6,
"vendor": "bosch",
"version": "9.0,\u003c=9.0.0.827"
},
{
"model": "bvms",
"scope": "gte",
"trust": 0.6,
"vendor": "bosch",
"version": "8.0,\u003c=8.0.329"
},
{
"model": "bvms",
"scope": "lte",
"trust": 0.6,
"vendor": "bosch",
"version": "\u003c=7.5"
},
{
"model": "bvms viewer",
"scope": "gte",
"trust": 0.6,
"vendor": "bosch",
"version": "10.0,\u003c=10.0.0.1225"
},
{
"model": "bvms viewer",
"scope": "gte",
"trust": 0.6,
"vendor": "bosch",
"version": "9.0,\u003c=9.0.0.827"
},
{
"model": "bvms viewer",
"scope": "gte",
"trust": 0.6,
"vendor": "bosch",
"version": "8.0,\u003c=8.0.329"
},
{
"model": "bvms viewer",
"scope": "lte",
"trust": 0.6,
"vendor": "bosch",
"version": "\u003c=7.5"
},
{
"model": "divar ip",
"scope": "eq",
"trust": 0.6,
"vendor": "bosch",
"version": "7000"
},
{
"model": "divar ip all-in-one",
"scope": "eq",
"trust": 0.6,
"vendor": "bosch",
"version": "5000"
},
{
"model": "divar ip 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "bosch",
"version": null
},
{
"model": "divar ip all-in-one 5000",
"scope": "eq",
"trust": 0.6,
"vendor": "bosch",
"version": null
},
{
"model": "divar ip 7000",
"scope": "eq",
"trust": 0.6,
"vendor": "bosch",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.329",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.0.0.827",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.1225",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.0.329",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.0.0.827",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.1225",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.0.329",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.0.0.827",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.1225",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.0.329",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.0.0.827",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.0.1225",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6767"
}
]
},
"cve": "CVE-2020-6767",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-001980",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2020-18524",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-6767",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@bosch.com",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-001980",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6767",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@bosch.com",
"id": "CVE-2020-6767",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-001980",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-18524",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-173",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-6767",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "VULMON",
"id": "CVE-2020-6767"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 \u003c= 10.0.0.1225, 9.0 \u003c= 9.0.0.827, 8.0 \u003c= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 \u003c= 10.0.0.1225, 9.0 \u003c= 9.0.0.827, 8.0 \u003c= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. plural Bosch The product contains a past traversal vulnerability.Information may be obtained. Bosch DIVAR IP 3000 is a 3000 series video recorder from the German company Bosch (Bosch). The vulnerability stems from a network system or product failing to properly filter resources or special elements in the file path. An attacker can use this vulnerability to access a location outside the restricted directory",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "VULMON",
"id": "CVE-2020-6767"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6767",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-18524",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-6767",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "VULMON",
"id": "CVE-2020-6767"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"id": "VAR-202002-1207",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
}
],
"trust": 1.464583335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
}
]
},
"last_update_date": "2023-12-18T13:56:22.303000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "BOSCH-SA-381489-BT",
"trust": 0.8,
"url": "https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-sa-381489-bt_cve-2020-6767_securityadvisory_bvms_pathtraversal.pdf"
},
{
"title": "Patch for Bosch Video Management System path traversal vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/209977"
},
{
"title": "Bosch Video Management System Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=109374"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6767"
},
{
"trust": 1.7,
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-381489-bt.html"
},
{
"trust": 1.7,
"url": "https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-sa-381489-bt_cve-2020-6767_securityadvisory_bvms_pathtraversal.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6767"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "VULMON",
"id": "CVE-2020-6767"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "VULMON",
"id": "CVE-2020-6767"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"date": "2020-02-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6767"
},
{
"date": "2020-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"date": "2020-02-06T17:15:14.130000",
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"date": "2020-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"date": "2020-02-14T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6767"
},
{
"date": "2020-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001980"
},
{
"date": "2020-02-14T18:05:28.613000",
"db": "NVD",
"id": "CVE-2020-6767"
},
{
"date": "2020-02-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bosch Video Management System path traversal vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18524"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-173"
}
],
"trust": 0.6
}
}
CVE-2023-35867 (GCVE-0-2023-35867)
Vulnerability from cvelistv5 – Published: 2023-12-18 12:59 – Updated: 2024-08-02 16:30
VLAI?
Summary
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks.
Severity ?
5.9 (Medium)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
0 , ≤ 12.0.0
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Configuration Manager",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "7.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Project Assistant",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Video Security Client",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.3.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BIS Video Engine",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Intelligent Insights",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.0.3.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "ONVIF Camera Event Driver Tool",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T12:59:48.604Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-35867",
"datePublished": "2023-12-18T12:59:48.604Z",
"dateReserved": "2023-06-19T09:15:32.387Z",
"dateUpdated": "2024-08-02T16:30:45.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28175 (GCVE-0-2023-28175)
Vulnerability from cvelistv5 – Published: 2023-06-15 10:14 – Updated: 2024-12-17 20:51
VLAI?
Summary
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
Severity ?
7.1 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
7.5 , ≤ 11.1.1
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T20:49:39.796592Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T20:51:14.639Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 3000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.0",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 7000 R1",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.0",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "10.1.1",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "11.1.1"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "11.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T10:14:34.076Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-28175",
"datePublished": "2023-06-15T10:14:34.076Z",
"dateReserved": "2023-03-13T15:46:37.814Z",
"dateUpdated": "2024-12-17T20:51:14.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32540 (GCVE-0-2022-32540)
Vulnerability from cvelistv5 – Published: 2022-09-30 16:38 – Updated: 2025-05-20 16:15
VLAI?
Summary
Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.
Severity ?
7.4 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:15:26.762937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:15:31.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.0",
"status": "affected",
"version": "11.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "VJD-7513",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "10.23.0002"
},
{
"status": "affected",
"version": "10.30.0005"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T16:38:54.000Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2022-32540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "11.1",
"version_value": "11.1.0"
},
{
"version_affected": "\u003c=",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c=",
"version_name": "10.1",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "VJD-7513",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.23.0002"
},
{
"version_affected": "=",
"version_value": "10.30.0005"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2022-32540",
"datePublished": "2022-09-30T16:38:54.000Z",
"dateReserved": "2022-06-07T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:15:31.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23862 (GCVE-0-2021-23862)
Vulnerability from cvelistv5 – Published: 2021-12-08 21:17 – Updated: 2024-09-16 19:30
VLAI?
Summary
A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000).
Severity ?
7.2 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
},
{
"product": "VJD-8000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.01.0036",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "VJD-7513",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.22.0038",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:37",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
},
"title": "Authenticated Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23862",
"STATE": "PUBLIC",
"TITLE": "Authenticated Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
},
{
"product_name": "VJD-8000",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "10.01.0036"
}
]
}
},
{
"product_name": "VJD-7513",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "10.22.0038"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23862",
"datePublished": "2021-12-08T21:17:37.519370Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T19:30:25.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23861 (GCVE-0-2021-23861)
Vulnerability from cvelistv5 – Published: 2021-12-08 21:17 – Updated: 2024-09-16 17:49
VLAI?
Summary
By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.
Severity ?
6.5 (Medium)
CWE
- CWE-489 - Active Debug Code
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489 Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:32",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
},
"title": "Possible Access to Debug Functions in Bosch VRM / BVMS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23861",
"STATE": "PUBLIC",
"TITLE": "Possible Access to Debug Functions in Bosch VRM / BVMS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-489 Active Debug Code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23861",
"datePublished": "2021-12-08T21:17:32.737248Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T17:49:16.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23860 (GCVE-0-2021-23860)
Vulnerability from cvelistv5 – Published: 2021-12-08 21:17 – Updated: 2024-09-17 03:52
VLAI?
Summary
An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.
Severity ?
5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:28",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
},
"title": "Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23860",
"STATE": "PUBLIC",
"TITLE": "Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23860",
"datePublished": "2021-12-08T21:17:28.106105Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-17T03:52:42.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23859 (GCVE-0-2021-23859)
Vulnerability from cvelistv5 – Published: 2021-12-08 21:17 – Updated: 2024-09-16 19:45
VLAI?
Summary
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859
Severity ?
9.1 (Critical)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
},
{
"product": "VRM Exporter",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.10.0008",
"status": "affected",
"version": "2.1",
"versionType": "custom"
}
]
},
{
"product": "APE",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.8.x.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AEC",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.9.1.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "4.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:23",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "EXTERNAL"
},
"title": "Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23859",
"STATE": "PUBLIC",
"TITLE": "Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
},
{
"product_name": "VRM Exporter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.1",
"version_value": "2.10.0008"
}
]
}
},
{
"product_name": "APE",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.8.x.x"
}
]
}
},
{
"product_name": "AEC",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.9.1.x"
}
]
}
},
{
"product_name": "BIS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.9"
},
{
"version_affected": "\u003c=",
"version_value": "4.8"
},
{
"version_affected": "\u003c=",
"version_value": "4.7"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703 Improper Check or Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23859",
"datePublished": "2021-12-08T21:17:23.528438Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T19:45:43.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6785 (GCVE-0-2020-6785)
Vulnerability from cvelistv5 – Published: 2021-03-25 15:49 – Updated: 2024-09-17 00:35
VLAI?
Summary
Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , < 9.0.0
(custom)
Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:49:53",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6785",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "BVMS Viewer",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6785",
"datePublished": "2021-03-25T15:49:54.005154Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-17T00:35:36.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35867 (GCVE-0-2023-35867)
Vulnerability from nvd – Published: 2023-12-18 12:59 – Updated: 2024-08-02 16:30
VLAI?
Summary
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks.
Severity ?
5.9 (Medium)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
0 , ≤ 12.0.0
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Configuration Manager",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "7.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "12.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Project Assistant",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Video Security Client",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.3.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "BIS Video Engine",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "Intelligent Insights",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.0.3.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "ONVIF Camera Event Driver Tool",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T12:59:48.604Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-092656-BT.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-35867",
"datePublished": "2023-12-18T12:59:48.604Z",
"dateReserved": "2023-06-19T09:15:32.387Z",
"dateUpdated": "2024-08-02T16:30:45.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28175 (GCVE-0-2023-28175)
Vulnerability from nvd – Published: 2023-06-15 10:14 – Updated: 2024-12-17 20:51
VLAI?
Summary
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
Severity ?
7.1 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
7.5 , ≤ 11.1.1
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T20:49:39.796592Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T20:51:14.639Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 3000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.0",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 7000 R1",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "8.0",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "7.5",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 7000 R3",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "10.1.1",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "Bosch DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP all-in-one 4000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "11.1.1"
}
]
},
{
"product": "DIVAR IP all-in-one 6000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "11.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T10:14:34.076Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"tags": [
"vendor-advisory"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-28175",
"datePublished": "2023-06-15T10:14:34.076Z",
"dateReserved": "2023-03-13T15:46:37.814Z",
"dateUpdated": "2024-12-17T20:51:14.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32540 (GCVE-0-2022-32540)
Vulnerability from nvd – Published: 2022-09-30 16:38 – Updated: 2025-05-20 16:15
VLAI?
Summary
Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.
Severity ?
7.4 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:15:26.762937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:15:31.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "11.1.0",
"status": "affected",
"version": "11.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "VJD-7513",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "10.23.0002"
},
{
"status": "affected",
"version": "10.30.0005"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T16:38:54.000Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2022-32540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "11.1",
"version_value": "11.1.0"
},
{
"version_affected": "\u003c=",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c=",
"version_name": "10.1",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "VJD-7513",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.23.0002"
},
{
"version_affected": "=",
"version_value": "10.30.0005"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-464066.html"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2022-32540",
"datePublished": "2022-09-30T16:38:54.000Z",
"dateReserved": "2022-06-07T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:15:31.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23862 (GCVE-0-2021-23862)
Vulnerability from nvd – Published: 2021-12-08 21:17 – Updated: 2024-09-16 19:30
VLAI?
Summary
A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000).
Severity ?
7.2 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
},
{
"product": "VJD-8000",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.01.0036",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "VJD-7513",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "10.22.0038",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:37",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
},
"title": "Authenticated Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23862",
"STATE": "PUBLIC",
"TITLE": "Authenticated Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
},
{
"product_name": "VJD-8000",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "10.01.0036"
}
]
}
},
{
"product_name": "VJD-7513",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "10.22.0038"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23862",
"datePublished": "2021-12-08T21:17:37.519370Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T19:30:25.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23861 (GCVE-0-2021-23861)
Vulnerability from nvd – Published: 2021-12-08 21:17 – Updated: 2024-09-16 17:49
VLAI?
Summary
By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.
Severity ?
6.5 (Medium)
CWE
- CWE-489 - Active Debug Code
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489 Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:32",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
},
"title": "Possible Access to Debug Functions in Bosch VRM / BVMS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23861",
"STATE": "PUBLIC",
"TITLE": "Possible Access to Debug Functions in Bosch VRM / BVMS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-489 Active Debug Code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23861",
"datePublished": "2021-12-08T21:17:32.737248Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T17:49:16.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23860 (GCVE-0-2021-23860)
Vulnerability from nvd – Published: 2021-12-08 21:17 – Updated: 2024-09-17 03:52
VLAI?
Summary
An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.
Severity ?
5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:28",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
},
"title": "Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23860",
"STATE": "PUBLIC",
"TITLE": "Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23860",
"datePublished": "2021-12-08T21:17:28.106105Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-17T03:52:42.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23859 (GCVE-0-2021-23859)
Vulnerability from nvd – Published: 2021-12-08 21:17 – Updated: 2024-09-16 19:45
VLAI?
Summary
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859
Severity ?
9.1 (Critical)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , ≤ 9.0.0
(custom)
Affected: 11.0 , < 11.0.0 (custom) Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:09.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "VRM",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.81",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.00.0070",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.83.0021",
"status": "affected",
"version": "3.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.82.0057",
"status": "affected",
"version": "3.82",
"versionType": "custom"
}
]
},
{
"product": "VRM Exporter",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.10.0008",
"status": "affected",
"version": "2.1",
"versionType": "custom"
}
]
},
{
"product": "APE",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "3.8.x.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AEC",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "2.9.1.x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "4.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T21:17:23",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "EXTERNAL"
},
"title": "Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-12-08",
"ID": "CVE-2021-23859",
"STATE": "PUBLIC",
"TITLE": "Denial of Service and Authentication Bypass Vulnerability in multiple Bosch products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.0"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c=",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"configuration": "using vulnerable BVMS or VRM version",
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "VRM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.0",
"version_value": "4.00.0070"
},
{
"version_affected": "\u003c=",
"version_name": "3.83",
"version_value": "3.83.0021"
},
{
"version_affected": "\u003c=",
"version_name": "3.82",
"version_value": "3.82.0057"
},
{
"version_affected": "\u003c=",
"version_value": "3.81"
}
]
}
},
{
"product_name": "VRM Exporter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.1",
"version_value": "2.10.0008"
}
]
}
},
{
"product_name": "APE",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.8.x.x"
}
]
}
},
{
"product_name": "AEC",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.9.1.x"
}
]
}
},
{
"product_name": "BIS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.9"
},
{
"version_affected": "\u003c=",
"version_value": "4.8"
},
{
"version_affected": "\u003c=",
"version_value": "4.7"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703 Improper Check or Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-043434-BT",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2021-23859",
"datePublished": "2021-12-08T21:17:23.528438Z",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-09-16T19:45:43.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6785 (GCVE-0-2020-6785)
Vulnerability from nvd – Published: 2021-03-25 15:49 – Updated: 2024-09-17 00:35
VLAI?
Summary
Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bosch | BVMS |
Affected:
unspecified , < 9.0.0
(custom)
Affected: 10.0 , < 10.0.2 (custom) Affected: 10.1 , < 10.1.1 (custom) |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:05.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BVMS",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "BVMS Viewer",
"vendor": "Bosch",
"versions": [
{
"lessThan": "9.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "DIVAR IP 7000 R2",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 5000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "DIVAR IP all-in-one 7000",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T15:49:53",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
],
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
},
"title": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"DATE_PUBLIC": "2021-03-24",
"ID": "CVE-2020-6785",
"STATE": "PUBLIC",
"TITLE": "Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BVMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "BVMS Viewer",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.2"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "\u003c",
"version_value": "9.0.0"
}
]
}
},
{
"product_name": "DIVAR IP 7000 R2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 5000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
},
{
"product_name": "DIVAR IP all-in-one 7000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim\u0027s system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-835563-bt.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-835563-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2020-6785",
"datePublished": "2021-03-25T15:49:54.005154Z",
"dateReserved": "2020-01-10T00:00:00",
"dateUpdated": "2024-09-17T00:35:36.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}