FKIE_CVE-2023-28809
Vulnerability from fkie_nvd - Published: 2023-06-15 19:15 - Updated: 2024-11-21 07:56
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320efwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB2BA1B-B272-4B4E-BB2C-3EE2D267CA81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320efwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7140EB24-E7B5-4F86-9A5C-0D88D1DA90C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320efx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAA72A5-4E87-4ADD-B9BC-1A873A861938",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320efx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21D67B36-A2A7-42E2-A7FB-6BBF3A973E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320ewx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "679EECBE-B875-4D58-98CE-335E9EAF8B25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320ewx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4694AEF-26C6-4B03-BCCB-3683CF788085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A885F112-F486-4293-A1A7-B69FEB8F1E4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C45E6F-34DD-4B08-A87F-D9E7D9775ED1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mfwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0711E27-DE19-4639-BF8E-A48FC5A5472D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mfwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9B3F47-00F9-4C77-AFAF-25D6154E4C15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mfx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EB0FE7-3884-4088-A0E2-CF04A5D8C6C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mfx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C842855-FD06-412E-9B88-EDC8B419E87F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35741C9C-4CE7-4196-988F-C623FFD98279",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "541C2F9D-E8D1-4928-B3DE-902B51B33A56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t320mx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF3ED7E-3041-4F50-8265-A9F75BC6FC52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t320mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39668BE9-C9D5-4747-A7EA-EC3C9ADC64B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t341am_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85524CE8-644F-4E8B-B61F-EBD4188F356B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t341am:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F12C75F-FEA4-478D-968A-9B864C49CBFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t341amf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19543853-5D0A-437A-8CDF-236D862D7F9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t341amf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E8A304-F67E-4C0E-995B-719E9AFD2791",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t341cm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A853DC4-2BE1-4709-BCCA-AE0420DC8414",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t341cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "624D45FC-FC44-4A02-AE3F-23AD132290B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343ewx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8B098D-7B32-42A3-ABA0-6148AF132750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343ewx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98F2425-FCB9-40DE-BCE0-3CA9BA6067BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "644FF6D6-CD32-44D1-A629-6FE0FC2F2025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EB3496-4191-4092-961C-5F68D7A99EF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343mwx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AD49A-F965-493A-8EA6-7F10EDD049E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343mwx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7416B8F5-2918-4418-8A5C-860C5A236BCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t343mx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF5F7-31FD-4247-A05F-2425B00F551F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t343mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4D8C07-AB2F-4E97-B3E9-C97EFAD3F017",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE328C4-08C2-436B-A95E-E03A0D96662F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B322AE4-4BE3-46EE-BFFD-730274270D52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0D6A71-EA45-4A29-A98F-3B7F46AFCED6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4902A1D4-7DF1-4718-BF06-DD6E7EE43E8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671mf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB663C89-06C3-49F9-8316-A9F3883A8488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671mf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFBF47B3-0575-47C7-81E6-43E52411EA4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55E53965-E177-44B0-AB95-80323745741D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABB7E6B-3B39-4D18-A900-FB9818087085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95CBFF1-3E92-4080-9B57-185EFEB3D6A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "050D18D3-868E-47DE-8ACF-55C0278F36DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tm-3xf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D62D9A96-8A4A-488B-87CB-4A88531F483B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tm-3xf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7844556-1139-4E47-83BF-74E245AB64DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8680383B-7404-4C52-878B-4017C5505298",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9D7580-7608-466A-9EC2-49891138C31C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmfw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E59B90D-F25D-4A59-A0EA-17ED42C99500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmfw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAC44FD-D7D4-4499-BD3C-6FA15D0C058F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t671tmw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3FC30B-562F-432F-B804-62362E5E2F6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t671tmw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3C9724-1422-45A2-BFA4-D0132D090CCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t804af_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A641FCD-EB20-4B0E-A536-AD29ABA9FF6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2888DD-2FBC-453F-ADED-2134D526EB7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-k1t804amf_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47C3FB28-D6FE-4455-A71C-C8BD082D092B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F0BEA6-D675-4B8D-AEE3-44A63C7107D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
}
],
"id": "CVE-2023-28809",
"lastModified": "2024-11-21T07:56:03.600",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "hsrc@hikvision.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-15T19:15:10.537",
"references": [
{
"source": "hsrc@hikvision.com",
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
},
{
"source": "hsrc@hikvision.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
}
],
"sourceIdentifier": "hsrc@hikvision.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "hsrc@hikvision.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…