cvelistv5 - CVE-2023-21417

CVE-2023-21417 (GCVE-0-2023-21417)

Vulnerability from cvelistv5 – Published: 2023-11-21 06:53 – Updated: 2025-06-11 13:59

Summary

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CWE

CWE-35 - Path Traversal

Assigner

Axis

References

URL

Tags

https://www.axis.com/dam/public/2a/82/12/cve-2023…

Impacted products

	Vendor	Product	Version
	Axis Communications AB	AXIS OS	Affected: AXIS OS 8.50 – 11.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:36:34.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21417",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-29T20:39:36.013734Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-11T13:59:30.672Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AXIS OS",
          "vendor": "Axis Communications AB",
          "versions": [
            {
              "status": "affected",
              "version": "AXIS OS 8.50 \u2013 11.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API \u003ci\u003emanageoverlayimage.cgi\u003c/i\u003e was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
            }
          ],
          "value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-35",
              "description": "CWE-35: Path Traversal",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-08T08:27:01.130Z",
        "orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
        "shortName": "Axis"
      },
      "references": [
        {
          "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
    "assignerShortName": "Axis",
    "cveId": "CVE-2023-21417",
    "datePublished": "2023-11-21T06:53:06.158Z",
    "dateReserved": "2022-11-04T18:30:01.768Z",
    "dateUpdated": "2025-06-11T13:59:30.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*\", \"versionEndExcluding\": \"11.7.57\", \"matchCriteriaId\": \"D4DE1198-6B4E-41BF-A97F-0EBD1B575D21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*\", \"versionEndExcluding\": \"9.80.49\", \"matchCriteriaId\": \"E20A1DAB-0D5B-4952-B4C0-A6A5808C49FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*\", \"versionEndExcluding\": \"10.12.208\", \"matchCriteriaId\": \"2DC5A60B-0BD7-4ABC-8AA6-F1C8ED964EB2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Sandro Poppi, member of the AXIS OS Bug Bounty Program,\\n\\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\"}, {\"lang\": \"es\", \"value\": \"Sandro Poppi, miembro del programa AXIS OS Bug Bounty, descubri\\u00f3 que la API VAPIX enableoverlayimage.cgi era vulnerable a ataques de path traversal que permiten la eliminaci\\u00f3n de archivos/carpetas. Esta falla solo puede explotarse despu\\u00e9s de autenticarse con una cuenta de servicio con privilegios de operador o administrador. El impacto de explotar esta vulnerabilidad es menor con las cuentas de servicio del operador y se limita a archivos que no pertenecen al sistema en comparaci\\u00f3n con los privilegios de administrador. Axis ha lanzado versiones parcheadas del sistema operativo AXIS para la falla resaltada. Consulte el aviso de seguridad de Axis para obtener m\\u00e1s informaci\\u00f3n y soluciones.\"}]",
      "id": "CVE-2023-21417",
      "lastModified": "2024-11-21T07:42:49.323",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"product-security@axis.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.2}]}",
      "published": "2023-11-21T07:15:09.283",
      "references": "[{\"url\": \"https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf\", \"source\": \"product-security@axis.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@axis.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"product-security@axis.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-35\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-21417\",\"sourceIdentifier\":\"product-security@axis.com\",\"published\":\"2023-11-21T07:15:09.283\",\"lastModified\":\"2024-11-21T07:42:49.323\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sandro Poppi, member of the AXIS OS Bug Bounty Program,\\n\\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\"},{\"lang\":\"es\",\"value\":\"Sandro Poppi, miembro del programa AXIS OS Bug Bounty, descubri\u00f3 que la API VAPIX enableoverlayimage.cgi era vulnerable a ataques de path traversal que permiten la eliminaci\u00f3n de archivos/carpetas. Esta falla solo puede explotarse despu\u00e9s de autenticarse con una cuenta de servicio con privilegios de operador o administrador. El impacto de explotar esta vulnerabilidad es menor con las cuentas de servicio del operador y se limita a archivos que no pertenecen al sistema en comparaci\u00f3n con los privilegios de administrador. Axis ha lanzado versiones parcheadas del sistema operativo AXIS para la falla resaltada. Consulte el aviso de seguridad de Axis para obtener m\u00e1s informaci\u00f3n y soluciones.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@axis.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"product-security@axis.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-35\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*\",\"versionEndExcluding\":\"11.7.57\",\"matchCriteriaId\":\"D4DE1198-6B4E-41BF-A97F-0EBD1B575D21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*\",\"versionEndExcluding\":\"9.80.49\",\"matchCriteriaId\":\"E20A1DAB-0D5B-4952-B4C0-A6A5808C49FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*\",\"versionEndExcluding\":\"10.12.208\",\"matchCriteriaId\":\"2DC5A60B-0BD7-4ABC-8AA6-F1C8ED964EB2\"}]}]}],\"references\":[{\"url\":\"https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf\",\"source\":\"product-security@axis.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T09:36:34.511Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-21417\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-29T20:39:36.013734Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-29T20:39:42.492Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Axis Communications AB\", \"product\": \"AXIS OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"AXIS OS 8.50 \\u2013 11.6\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Sandro Poppi, member of the AXIS OS Bug Bounty Program,\\n\\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Sandro Poppi, member of the AXIS OS Bug Bounty Program,\\n\\nhas found that the VAPIX API \u003ci\u003emanageoverlayimage.cgi\u003c/i\u003e was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-35\", \"description\": \"CWE-35: Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"f2daf9a0-02c2-4b83-a01d-63b3b304b807\", \"shortName\": \"Axis\", \"dateUpdated\": \"2024-11-08T08:27:01.130Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-21417\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-11T13:59:30.672Z\", \"dateReserved\": \"2022-11-04T18:30:01.768Z\", \"assignerOrgId\": \"f2daf9a0-02c2-4b83-a01d-63b3b304b807\", \"datePublished\": \"2023-11-21T06:53:06.158Z\", \"assignerShortName\": \"Axis\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2023-21417

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-21417

Aliases

CVE-2023-21417

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-21417",
    "id": "GSD-2023-21417"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-21417"
      ],
      "details": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. \n\n\n\n",
      "id": "GSD-2023-21417",
      "modified": "2023-12-13T01:20:25.857562Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@axis.com",
        "ID": "CVE-2023-21417",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "AXIS OS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "AXIS OS 8.50 \u2013 11.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Axis Communications AB"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. \n\n\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf",
            "refsource": "MISC",
            "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.7.57",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.12.208",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.80.49",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@axis.com",
          "ID": "CVE-2023-21417"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. \n\n\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf",
              "refsource": "",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 4.2
        }
      },
      "lastModifiedDate": "2023-11-28T21:35Z",
      "publishedDate": "2023-11-21T07:15Z"
    }
  }
}

GHSA-967W-79J9-VX4X

Vulnerability from github – Published: 2023-11-21 09:30 – Updated: 2023-11-21 09:30

Details

Sandro Poppi, member of the AXIS OS Bug Bounty Program,

has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Severity ?

7.1 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-21417"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-35"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-21T07:15:09Z",
    "severity": "HIGH"
  },
  "details": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. \n\n\n\n",
  "id": "GHSA-967w-79j9-vx4x",
  "modified": "2023-11-21T09:30:23Z",
  "published": "2023-11-21T09:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21417"
    },
    {
      "type": "WEB",
      "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2023-21417

Vulnerability from fkie_nvd - Published: 2023-11-21 07:15 - Updated: 2024-11-21 07:42

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Summary

References

	URL	Tags
	product-security@axis.com	https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
axis	axis_os	*
axis	axis_os_2020	*
axis	axis_os_2022	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*",
              "matchCriteriaId": "D4DE1198-6B4E-41BF-A97F-0EBD1B575D21",
              "versionEndExcluding": "11.7.57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "E20A1DAB-0D5B-4952-B4C0-A6A5808C49FD",
              "versionEndExcluding": "9.80.49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "2DC5A60B-0BD7-4ABC-8AA6-F1C8ED964EB2",
              "versionEndExcluding": "10.12.208",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
    },
    {
      "lang": "es",
      "value": "Sandro Poppi, miembro del programa AXIS OS Bug Bounty, descubri\u00f3 que la API VAPIX enableoverlayimage.cgi era vulnerable a ataques de path traversal que permiten la eliminaci\u00f3n de archivos/carpetas. Esta falla solo puede explotarse despu\u00e9s de autenticarse con una cuenta de servicio con privilegios de operador o administrador. El impacto de explotar esta vulnerabilidad es menor con las cuentas de servicio del operador y se limita a archivos que no pertenecen al sistema en comparaci\u00f3n con los privilegios de administrador. Axis ha lanzado versiones parcheadas del sistema operativo AXIS para la falla resaltada. Consulte el aviso de seguridad de Axis para obtener m\u00e1s informaci\u00f3n y soluciones."
    }
  ],
  "id": "CVE-2023-21417",
  "lastModified": "2024-11-21T07:42:49.323",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "product-security@axis.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-21T07:15:09.283",
  "references": [
    {
      "source": "product-security@axis.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
    }
  ],
  "sourceIdentifier": "product-security@axis.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-35"
        }
      ],
      "source": "product-security@axis.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2023-AVI-0984

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Axis. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Axis	N/A	AXIS OS versions 10.x antérieures à 10.12.213 (version en support étendu "LTS 2022")
Axis	N/A	AXIS OS versions 8.x antérieures à 8.40.37 (version en support étendu "LTS 2018")
Axis	N/A	AXIS OS versions 9.x antérieures à 9.80.49 (version en support étendu "LTS 2020")
Axis	N/A	AXIS OS versions antérieures à 6.50.5.15 pour les produits bénéficiant d'un support logiciel
Axis	N/A	AXIS OS versions 11.x antérieures à 11.7.57

References

Title

Publication Time

Tags

Bulletin de sécurité Axis cve-2023-5553 du 21 novembre 2023	None	vendor-advisory
Bulletin de sécurité Axis cve-2023-21417 du 21 novembre 2023	None	vendor-advisory
Bulletin de sécurité Axis cve-2023-21416 du 21 novembre 2023	None	vendor-advisory
Bulletin de sécurité Axis cve-2023-21418 du 21 novembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "AXIS OS versions 10.x ant\u00e9rieures \u00e0 10.12.213 (version en support \u00e9tendu \"LTS 2022\")",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions 8.x ant\u00e9rieures \u00e0 8.40.37 (version en support \u00e9tendu \"LTS 2018\")",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions 9.x ant\u00e9rieures \u00e0 9.80.49 (version en support \u00e9tendu \"LTS 2020\")",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions ant\u00e9rieures \u00e0 6.50.5.15 pour les produits b\u00e9n\u00e9ficiant d\u0027un support logiciel",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions 11.x ant\u00e9rieures \u00e0 11.7.57",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-21418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21418"
    },
    {
      "name": "CVE-2023-21417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21417"
    },
    {
      "name": "CVE-2023-5553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5553"
    },
    {
      "name": "CVE-2023-21416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21416"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0984",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-11-29T00:00:00.000000"
    },
    {
      "description": "ajout avis \u00e9diteur cve-2023-5553",
      "revision_date": "2023-11-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Axis.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Axis",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-5553 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en-US-417789.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-21417 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-21416 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/35/2a/a6/cve-2023-21416-en-US-417790.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-21418 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/49/93/55/cve-2023-21418-en-US-417792.pdf"
    }
  ]
}

CERTFR-2023-AVI-0984

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Axis	N/A	AXIS OS versions 10.x antérieures à 10.12.213 (version en support étendu "LTS 2022")
Axis	N/A	AXIS OS versions 8.x antérieures à 8.40.37 (version en support étendu "LTS 2018")
Axis	N/A	AXIS OS versions 9.x antérieures à 9.80.49 (version en support étendu "LTS 2020")
Axis	N/A	AXIS OS versions antérieures à 6.50.5.15 pour les produits bénéficiant d'un support logiciel
Axis	N/A	AXIS OS versions 11.x antérieures à 11.7.57

References

Title

Publication Time

Tags

Bulletin de sécurité Axis cve-2023-5553 du 21 novembre 2023	None	vendor-advisory
Bulletin de sécurité Axis cve-2023-21417 du 21 novembre 2023	None	vendor-advisory
Bulletin de sécurité Axis cve-2023-21416 du 21 novembre 2023	None	vendor-advisory
Bulletin de sécurité Axis cve-2023-21418 du 21 novembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "AXIS OS versions 10.x ant\u00e9rieures \u00e0 10.12.213 (version en support \u00e9tendu \"LTS 2022\")",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions 8.x ant\u00e9rieures \u00e0 8.40.37 (version en support \u00e9tendu \"LTS 2018\")",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions 9.x ant\u00e9rieures \u00e0 9.80.49 (version en support \u00e9tendu \"LTS 2020\")",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions ant\u00e9rieures \u00e0 6.50.5.15 pour les produits b\u00e9n\u00e9ficiant d\u0027un support logiciel",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    },
    {
      "description": "AXIS OS versions 11.x ant\u00e9rieures \u00e0 11.7.57",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Axis",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-21418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21418"
    },
    {
      "name": "CVE-2023-21417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21417"
    },
    {
      "name": "CVE-2023-5553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5553"
    },
    {
      "name": "CVE-2023-21416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21416"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0984",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-11-29T00:00:00.000000"
    },
    {
      "description": "ajout avis \u00e9diteur cve-2023-5553",
      "revision_date": "2023-11-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Axis.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Axis",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-5553 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en-US-417789.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-21417 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-21416 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/35/2a/a6/cve-2023-21416-en-US-417790.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Axis cve-2023-21418 du 21 novembre 2023",
      "url": "https://www.axis.com/dam/public/49/93/55/cve-2023-21418-en-US-417792.pdf"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-21417 (GCVE-0-2023-21417)

GSD-2023-21417

GHSA-967W-79J9-VX4X

FKIE_CVE-2023-21417

CERTFR-2023-AVI-0984

Solution

CERTFR-2023-AVI-0984

Solution

Tags

Sightings

Nomenclature