Search criteria
4 vulnerabilities found for fi9903p by foscam
VAR-201704-1458
Vulnerability from variot - Updated: 2023-12-18 13:14Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1458",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c1 lite",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "c2",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9800xe",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9828p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9851p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9853ep",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9901ep",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9903p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9928p",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "r2",
"scope": null,
"trust": 1.4,
"vendor": "foscam",
"version": null
},
{
"model": "fi9828p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9851p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9853ep",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c2",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c1",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9901ep",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c1 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9928p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9903p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "r2",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9800xe",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "fi9826p",
"scope": "eq",
"trust": 1.0,
"vendor": "foscam",
"version": "*"
},
{
"model": "c1",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
},
{
"model": "fi9826p",
"scope": null,
"trust": 0.8,
"vendor": "foscam",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9928p:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9826p:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:r2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9828p:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9903p:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:c1_lite:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9800xe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9853ep:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:c1:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:c2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9901ep:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:foscam:fi9851p:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"cve": "CVE-2017-7648",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7648",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7648",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7648",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-468",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-7648",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "VULMON",
"id": "CVE-2017-7648"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7648",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-7648",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"id": "VAR-201704-1458",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5572390533333333
},
"last_update_date": "2023-12-18T13:14:19.240000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foscam.com/"
},
{
"title": "CVE-2017-7648.",
"trust": 0.1,
"url": "https://github.com/notmot/cve-2017-7648. "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7648"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7648"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/notmot/cve-2017-7648."
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-10T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"date": "2017-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"date": "2017-04-10T19:59:00.297000",
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"date": "2017-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7648"
},
{
"date": "2017-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003124"
},
{
"date": "2017-04-17T16:39:18.780000",
"db": "NVD",
"id": "CVE-2017-7648"
},
{
"date": "2017-09-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foscam Vulnerability that breaks cryptographic protection mechanisms in network devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003124"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-468"
}
],
"trust": 0.6
}
}
FKIE_CVE-2017-7648
Vulnerability from fkie_nvd - Published: 2017-04-10 19:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/540388/30/0/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540388/30/0/threaded | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:foscam:c1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7389DE9-CA20-4C78-8995-283B62F1EFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:c1_lite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E397A2B-A359-47F7-8511-46C9A4AB6138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:c2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD4E331-F8EC-4101-9CC2-024F45091F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9800xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C61FCA92-292C-4727-8202-CC9C8CD81135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9826p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F594F134-C17D-4F36-8CA3-989BA1B593AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9828p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43490AF6-018A-4ADA-854E-BF39DD88E4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9851p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39B496E3-56E0-4231-B4EB-5EB515637C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9853ep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DABEEE8-9E5C-49A9-A2EC-D9E2968161B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9901ep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1DF418-B1A9-46B6-91DD-C2C440016573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9903p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBE30F1-F107-46D8-8B60-AE8A515CD566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:fi9928p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0BB89-28F3-404B-BFBC-5DBAF4043721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:foscam:r2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "329EDF7D-0031-430B-9B86-2092CAAAA0B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
},
{
"lang": "es",
"value": "Los dispositivos en red de Foscam usan la misma clave privada SSL codificada en las diferentes instalaciones de los clientes, lo que permite a los atacantes remotos derrotar los mecanismos de protecci\u00f3n criptogr\u00e1fica aprovechando el conocimiento de esta clave desde otra instalaci\u00f3n."
}
],
"id": "CVE-2017-7648",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T19:59:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-7648 (GCVE-0-2017-7648)
Vulnerability from cvelistv5 – Published: 2017-04-10 19:00 – Updated: 2024-09-16 20:02
VLAI?
Summary
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:27.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540388/30/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7648",
"datePublished": "2017-04-10T19:00:00Z",
"dateReserved": "2017-04-10T00:00:00Z",
"dateUpdated": "2024-09-16T20:02:45.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7648 (GCVE-0-2017-7648)
Vulnerability from nvd – Published: 2017-04-10 19:00 – Updated: 2024-09-16 20:02
VLAI?
Summary
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:27.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Foscam networked devices use the same hardcoded SSL private key across different customers\u0027 installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540388/30/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7648",
"datePublished": "2017-04-10T19:00:00Z",
"dateReserved": "2017-04-10T00:00:00Z",
"dateUpdated": "2024-09-16T20:02:45.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}