Search criteria
3 vulnerabilities found for ds-k1t671tm-3xf_firmware by hikvision
FKIE_CVE-2023-28809
Vulnerability from fkie_nvd - Published: 2023-06-15 19:15 - Updated: 2024-11-21 07:56
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320efwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB2BA1B-B272-4B4E-BB2C-3EE2D267CA81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320efwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7140EB24-E7B5-4F86-9A5C-0D88D1DA90C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320efx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAA72A5-4E87-4ADD-B9BC-1A873A861938",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320efx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21D67B36-A2A7-42E2-A7FB-6BBF3A973E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320ewx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "679EECBE-B875-4D58-98CE-335E9EAF8B25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320ewx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4694AEF-26C6-4B03-BCCB-3683CF788085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A885F112-F486-4293-A1A7-B69FEB8F1E4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C45E6F-34DD-4B08-A87F-D9E7D9775ED1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mfwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0711E27-DE19-4639-BF8E-A48FC5A5472D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mfwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9B3F47-00F9-4C77-AFAF-25D6154E4C15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mfx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EB0FE7-3884-4088-A0E2-CF04A5D8C6C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mfx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C842855-FD06-412E-9B88-EDC8B419E87F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35741C9C-4CE7-4196-988F-C623FFD98279",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "541C2F9D-E8D1-4928-B3DE-902B51B33A56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF3ED7E-3041-4F50-8265-A9F75BC6FC52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39668BE9-C9D5-4747-A7EA-EC3C9ADC64B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t341am_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85524CE8-644F-4E8B-B61F-EBD4188F356B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t341am:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F12C75F-FEA4-478D-968A-9B864C49CBFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t341amf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19543853-5D0A-437A-8CDF-236D862D7F9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t341amf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E8A304-F67E-4C0E-995B-719E9AFD2791",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t341cm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A853DC4-2BE1-4709-BCCA-AE0420DC8414",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t341cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "624D45FC-FC44-4A02-AE3F-23AD132290B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343ewx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8B098D-7B32-42A3-ABA0-6148AF132750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343ewx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98F2425-FCB9-40DE-BCE0-3CA9BA6067BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "644FF6D6-CD32-44D1-A629-6FE0FC2F2025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EB3496-4191-4092-961C-5F68D7A99EF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343mwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AD49A-F965-493A-8EA6-7F10EDD049E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343mwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7416B8F5-2918-4418-8A5C-860C5A236BCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343mx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF5F7-31FD-4247-A05F-2425B00F551F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4D8C07-AB2F-4E97-B3E9-C97EFAD3F017",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE328C4-08C2-436B-A95E-E03A0D96662F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B322AE4-4BE3-46EE-BFFD-730274270D52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0D6A71-EA45-4A29-A98F-3B7F46AFCED6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4902A1D4-7DF1-4718-BF06-DD6E7EE43E8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671mf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB663C89-06C3-49F9-8316-A9F3883A8488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671mf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFBF47B3-0575-47C7-81E6-43E52411EA4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55E53965-E177-44B0-AB95-80323745741D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABB7E6B-3B39-4D18-A900-FB9818087085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95CBFF1-3E92-4080-9B57-185EFEB3D6A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "050D18D3-868E-47DE-8ACF-55C0278F36DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tm-3xf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D62D9A96-8A4A-488B-87CB-4A88531F483B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tm-3xf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7844556-1139-4E47-83BF-74E245AB64DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8680383B-7404-4C52-878B-4017C5505298",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9D7580-7608-466A-9EC2-49891138C31C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmfw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E59B90D-F25D-4A59-A0EA-17ED42C99500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmfw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAC44FD-D7D4-4499-BD3C-6FA15D0C058F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3FC30B-562F-432F-B804-62362E5E2F6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3C9724-1422-45A2-BFA4-D0132D090CCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t804af_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A641FCD-EB20-4B0E-A536-AD29ABA9FF6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2888DD-2FBC-453F-ADED-2134D526EB7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t804amf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47C3FB28-D6FE-4455-A71C-C8BD082D092B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F0BEA6-D675-4B8D-AEE3-44A63C7107D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
}
],
"id": "CVE-2023-28809",
"lastModified": "2024-11-21T07:56:03.600",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "hsrc@hikvision.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-15T19:15:10.537",
"references": [
{
"source": "hsrc@hikvision.com",
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
},
{
"source": "hsrc@hikvision.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
}
],
"sourceIdentifier": "hsrc@hikvision.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "hsrc@hikvision.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-28809 (GCVE-0-2023-28809)
Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2024-12-18 16:24
VLAI?
Summary
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
Severity ?
7.5 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-K1T804AXX |
Affected:
V1.4.0_build221212 , < V1.4.0_build221212
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
Andres Hinnosaar
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T16:22:10.570445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T16:24:05.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-K1T804AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V1.4.0_build221212",
"status": "affected",
"version": "V1.4.0_build221212",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T671XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T343XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.14.0_build230117",
"status": "affected",
"version": "V3.14.0_build230117",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341C",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.3.8_build230112",
"status": "affected",
"version": "V3.3.8_build230112",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T320XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.5.0_build220706",
"status": "affected",
"version": "V3.5.0_build220706",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andres Hinnosaar"
}
],
"datePublic": "2023-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-05T16:06:26.704372",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/en/support/download/firmware/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28809",
"datePublished": "2023-06-15T00:00:00",
"dateReserved": "2023-03-23T00:00:00",
"dateUpdated": "2024-12-18T16:24:05.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28809 (GCVE-0-2023-28809)
Vulnerability from nvd – Published: 2023-06-15 00:00 – Updated: 2024-12-18 16:24
VLAI?
Summary
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
Severity ?
7.5 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-K1T804AXX |
Affected:
V1.4.0_build221212 , < V1.4.0_build221212
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
Andres Hinnosaar
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T16:22:10.570445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T16:24:05.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-K1T804AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V1.4.0_build221212",
"status": "affected",
"version": "V1.4.0_build221212",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T671XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T343XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.14.0_build230117",
"status": "affected",
"version": "V3.14.0_build230117",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341C",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.3.8_build230112",
"status": "affected",
"version": "V3.3.8_build230112",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T320XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.5.0_build220706",
"status": "affected",
"version": "V3.5.0_build220706",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andres Hinnosaar"
}
],
"datePublic": "2023-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-05T16:06:26.704372",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/en/support/download/firmware/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28809",
"datePublished": "2023-06-15T00:00:00",
"dateReserved": "2023-03-23T00:00:00",
"dateUpdated": "2024-12-18T16:24:05.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}