CVE-2023-28809 (GCVE-0-2023-28809)

Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2024-12-18 16:24
Summary
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
CWE
  • CWE-284 - Improper Access Control
Assigner
Impacted products
Vendor Product Version
hikvision DS-K1T804AXX Affected: V1.4.0_build221212, < V1.4.0_build221212 (custom)
hikvision DS-K1T341AXX Affected: V3.2.30_build221223, < V3.2.30_build221223 (custom)
hikvision DS-K1T671XXX Affected: V3.2.30_build221223, < V3.2.30_build221223 (custom)
hikvision DS-K1T343XXX Affected: V3.14.0_build230117, < V3.14.0_build230117 (custom)
hikvision DS-K1T341C Affected: V3.3.8_build230112, < V3.3.8_build230112 (custom)
hikvision DS-K1T320XXX Affected: V3.5.0_build220706, < V3.5.0_build220706 (custom)
Credits
Andres Hinnosaar

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:51:38.488Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28809",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-18T16:22:10.570445Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-18T16:24:05.385Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DS-K1T804AXX",
          "vendor": "hikvision",
          "versions": [
            {
              "lessThan": "V1.4.0_build221212",
              "status": "affected",
              "version": "V1.4.0_build221212",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "DS-K1T341AXX",
          "vendor": "hikvision",
          "versions": [
            {
              "lessThan": "V3.2.30_build221223",
              "status": "affected",
              "version": "V3.2.30_build221223",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "DS-K1T671XXX",
          "vendor": "hikvision",
          "versions": [
            {
              "lessThan": "V3.2.30_build221223",
              "status": "affected",
              "version": "V3.2.30_build221223",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "DS-K1T343XXX",
          "vendor": "hikvision",
          "versions": [
            {
              "lessThan": "V3.14.0_build230117",
              "status": "affected",
              "version": "V3.14.0_build230117",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "DS-K1T341C",
          "vendor": "hikvision",
          "versions": [
            {
              "lessThan": "V3.3.8_build230112",
              "status": "affected",
              "version": "V3.3.8_build230112",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "DS-K1T320XXX",
          "vendor": "hikvision",
          "versions": [
            {
              "lessThan": "V3.5.0_build220706",
              "status": "affected",
              "version": "V3.5.0_build220706",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Andres Hinnosaar"
        }
      ],
      "datePublic": "2023-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-05T16:06:26.704372",
        "orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
        "shortName": "hikvision"
      },
      "references": [
        {
          "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
        },
        {
          "url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "https://www.hikvision.com/en/support/download/firmware/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
    "assignerShortName": "hikvision",
    "cveId": "CVE-2023-28809",
    "datePublished": "2023-06-15T00:00:00",
    "dateReserved": "2023-03-23T00:00:00",
    "dateUpdated": "2024-12-18T16:24:05.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.\"}]",
      "id": "CVE-2023-28809",
      "lastModified": "2024-11-21T07:56:03.600",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"hsrc@hikvision.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.9}]}",
      "published": "2023-06-15T19:15:10.537",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html\", \"source\": \"hsrc@hikvision.com\"}, {\"url\": \"https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/\", \"source\": \"hsrc@hikvision.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "hsrc@hikvision.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"hsrc@hikvision.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-384\"}]}]"
    }
  }
}
*:*:*\",\"matchCriteriaId\":\"5E59B90D-F25D-4A59-A0EA-17ED42C99500\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hikvision:ds-k1t671tmfw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FAC44FD-D7D4-4499-BD3C-6FA15D0C058F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hikvision:ds-k1t671tmw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B3FC30B-562F-432F-B804-62362E5E2F6F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hikvision:ds-k1t671tmw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE3C9724-1422-45A2-BFA4-D0132D090CCD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hikvision:ds-k1t804af_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A641FCD-EB20-4B0E-A536-AD29ABA9FF6D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF2888DD-2FBC-453F-ADED-2134D526EB7A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hikvision:ds-k1t804amf_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C3FB28-D6FE-4455-A71C-C8BD082D092B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F0BEA6-D675-4B8D-AEE3-44A63C7107D5\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html\",\"source\":\"hsrc@hikvision.com\"},{\"url\":\"https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/\",\"source\":\"hsrc@hikvision.com\",\"tags\":[\"Vendor 
Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T13:51:38.488Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-28809\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-18T16:22:10.570445Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-18T16:23:31.072Z\"}}], \"cna\": {\"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Andres Hinnosaar\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"hikvision\", \"product\": \"DS-K1T804AXX\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.4.0_build221212\", \"lessThan\": \"V1.4.0_build221212\", \"versionType\": \"custom\"}]}, {\"vendor\": \"hikvision\", \"product\": \"DS-K1T341AXX\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.2.30_build221223\", \"lessThan\": 
\"V3.2.30_build221223\", \"versionType\": \"custom\"}]}, {\"vendor\": \"hikvision\", \"product\": \"DS-K1T671XXX\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.2.30_build221223\", \"lessThan\": \"V3.2.30_build221223\", \"versionType\": \"custom\"}]}, {\"vendor\": \"hikvision\", \"product\": \"DS-K1T343XXX\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.14.0_build230117\", \"lessThan\": \"V3.14.0_build230117\", \"versionType\": \"custom\"}]}, {\"vendor\": \"hikvision\", \"product\": \"DS-K1T341C\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.3.8_build230112\", \"lessThan\": \"V3.3.8_build230112\", \"versionType\": \"custom\"}]}, {\"vendor\": \"hikvision\", \"product\": \"DS-K1T320XXX\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.5.0_build220706\", \"lessThan\": \"V3.5.0_build220706\", \"versionType\": \"custom\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"https://www.hikvision.com/en/support/download/firmware/\"}], \"datePublic\": \"2023-06-14T00:00:00\", \"references\": [{\"url\": \"https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/\"}, {\"url\": \"http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. 
To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284 Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"da451dce-859b-4e51-8b87-9c8b60d19b32\", \"shortName\": \"hikvision\", \"dateUpdated\": \"2023-09-05T16:06:26.704372\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-28809\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-18T16:24:05.385Z\", \"dateReserved\": \"2023-03-23T00:00:00\", \"assignerOrgId\": \"da451dce-859b-4e51-8b87-9c8b60d19b32\", \"datePublished\": \"2023-06-15T00:00:00\", \"assignerShortName\": \"hikvision\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}



Sightings


Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

