VAR-201712-0125
Vulnerability from variot - Updated: 2023-12-18 13:43ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources. According to the reporter, ACTi devices including D, B, I, and E series models using firmware version A1D-500-V6.11.31-AC are vulnerable to several issues. According to the reporter, ACTi Of the camera products provided by version A1D-500-V6.11.31-AC There are problems with multiple series using. The problem of lack of authentication for important functions (CWE-306) - CVE-2017-3184 These products do not have proper access restrictions for the configuration initialization function. A remote third party http://x.x.x.x/setup/setup_maintain_firmware-default.html like URL It is possible to initialize the product settings by directly accessing. This may interfere with service operation for the device. (DoS) Default password issue or cause weak (CVE-2017-3186) Can be used. GET Information leakage due to the query string included in the request (CWE-598) - CVE-2017-3185 The web interface of these products includes sensitive information such as usernames and passwords. GET Use the request. Therefore, it is possible to obtain such sensitive information from various histories such as browser history, referrer, and communication log. Weak default password (CWE-521) - CVE-2017-3186 The default settings for these products use the same authentication information for all devices. If you are using the default settings, a remote third party can log in with your administrator credentials and have complete control of the device.A remote third party initializes the device to the factory default settings, obtains sensitive information such as a user name and password, or logs in to the device as an administrator using the initial authentication information. There is likely to be. ACTiISeries and others are ACTi's series of network surveillance cameras. There are security vulnerabilities in several ACTi products. A remote attacker can exploit a vulnerability to submit a special request for sensitive information. An authentication-bypass vulnerability. 2. An information disclosure vulnerability. 3. An attacker can exploit these issues to bypass certain security restrictions, perform certain unauthorized actions , bypass the authentication mechanism and compromise the application; This may aid in further attacks. There is a security vulnerability, which stems from the fact that the program uses the GET method to process requests
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0125",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "camera",
"scope": "eq",
"trust": 1.6,
"vendor": "acti",
"version": "a1d-500-v6.11.31-ac"
},
{
"model": "b series a1d-500-v6.11.31-ac",
"scope": null,
"trust": 0.9,
"vendor": "acti",
"version": null
},
{
"model": "d series a1d-500-v6.11.31-ac",
"scope": null,
"trust": 0.9,
"vendor": "acti",
"version": null
},
{
"model": "e series a1d-500-v6.11.31-ac",
"scope": null,
"trust": 0.9,
"vendor": "acti",
"version": null
},
{
"model": "i series a1d-500-v6.11.31-ac",
"scope": null,
"trust": 0.9,
"vendor": "acti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "acti",
"version": null
},
{
"model": "camera",
"scope": "eq",
"trust": 0.8,
"vendor": "acti",
"version": "version a1d-500-v6.11.31-ac using d"
},
{
"model": "camera",
"scope": "eq",
"trust": 0.8,
"vendor": "acti",
"version": "b"
},
{
"model": "camera",
"scope": "eq",
"trust": 0.8,
"vendor": "acti",
"version": "i"
},
{
"model": "camera",
"scope": "eq",
"trust": 0.8,
"vendor": "acti",
"version": "e series"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#355151"
},
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "BID",
"id": "96720"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:acti:camera_firmware:a1d-500-v6.11.31-ac:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3185"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mandar Jadhav",
"sources": [
{
"db": "BID",
"id": "96720"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3185",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2017-003933",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-04256",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-111388",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-3185",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-003933",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3185",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "IPA",
"id": "JVNDB-2017-003933",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-04256",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-357",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-111388",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-3185",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "VULHUB",
"id": "VHN-111388"
},
{
"db": "VULMON",
"id": "CVE-2017-3185"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser\u0027s history, referrers, web logs, and other sources. According to the reporter, ACTi devices including D, B, I, and E series models using firmware version A1D-500-V6.11.31-AC are vulnerable to several issues. According to the reporter, ACTi Of the camera products provided by version A1D-500-V6.11.31-AC There are problems with multiple series using. The problem of lack of authentication for important functions (CWE-306) - CVE-2017-3184 These products do not have proper access restrictions for the configuration initialization function. A remote third party http://x.x.x.x/setup/setup_maintain_firmware-default.html like URL It is possible to initialize the product settings by directly accessing. This may interfere with service operation for the device. (DoS) Default password issue or cause weak (CVE-2017-3186) Can be used. GET Information leakage due to the query string included in the request (CWE-598) - CVE-2017-3185 The web interface of these products includes sensitive information such as usernames and passwords. GET Use the request. Therefore, it is possible to obtain such sensitive information from various histories such as browser history, referrer, and communication log. Weak default password (CWE-521) - CVE-2017-3186 The default settings for these products use the same authentication information for all devices. If you are using the default settings, a remote third party can log in with your administrator credentials and have complete control of the device.A remote third party initializes the device to the factory default settings, obtains sensitive information such as a user name and password, or logs in to the device as an administrator using the initial authentication information. There is likely to be. ACTiISeries and others are ACTi\u0027s series of network surveillance cameras. There are security vulnerabilities in several ACTi products. A remote attacker can exploit a vulnerability to submit a special request for sensitive information. An authentication-bypass vulnerability. \n2. An information disclosure vulnerability. \n3. \nAn attacker can exploit these issues to bypass certain security restrictions, perform certain unauthorized actions , bypass the authentication mechanism and compromise the application; This may aid in further attacks. There is a security vulnerability, which stems from the fact that the program uses the GET method to process requests",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"db": "CERT/CC",
"id": "VU#355151"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "BID",
"id": "96720"
},
{
"db": "VULHUB",
"id": "VHN-111388"
},
{
"db": "VULMON",
"id": "CVE-2017-3185"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#355151",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2017-3185",
"trust": 3.5
},
{
"db": "BID",
"id": "96720",
"trust": 2.7
},
{
"db": "JVN",
"id": "JVNVU92233464",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-04256",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-111388",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3185",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#355151"
},
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "VULHUB",
"id": "VHN-111388"
},
{
"db": "VULMON",
"id": "CVE-2017-3185"
},
{
"db": "BID",
"id": "96720"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"id": "VAR-201712-0125",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "VULHUB",
"id": "VHN-111388"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04256"
}
]
},
"last_update_date": "2023-12-18T13:43:53.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Product List",
"trust": 0.8,
"url": "https://www.acti.com/productselector/"
},
{
"title": "Patches for multiple ACTi product sensitive information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/91486"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
},
{
"problemtype": "CWE-598",
"trust": 0.8
},
{
"problemtype": "CWE-306",
"trust": 0.8
},
{
"problemtype": "CWE-521",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111388"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "NVD",
"id": "CVE-2017-3185"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.kb.cert.org/vuls/id/355151"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/96720/info"
},
{
"trust": 1.8,
"url": "https://twitter.com/hfuhs/status/839252357221330944"
},
{
"trust": 1.8,
"url": "https://twitter.com/hack3rsca/status/839599437907386368"
},
{
"trust": 0.8,
"url": "http://www.acti.com/"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/521.html"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/598.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3184"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3185"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3186"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92233464/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3184"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3185"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3186"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/96720"
},
{
"trust": 0.3,
"url": "http://www.acti.com/home/index.asp"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#355151"
},
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "VULHUB",
"id": "VHN-111388"
},
{
"db": "VULMON",
"id": "CVE-2017-3185"
},
{
"db": "BID",
"id": "96720"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#355151"
},
{
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"db": "VULHUB",
"id": "VHN-111388"
},
{
"db": "VULMON",
"id": "CVE-2017-3185"
},
{
"db": "BID",
"id": "96720"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#355151"
},
{
"date": "2017-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"date": "2017-12-16T00:00:00",
"db": "VULHUB",
"id": "VHN-111388"
},
{
"date": "2017-12-16T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3185"
},
{
"date": "2017-03-07T00:00:00",
"db": "BID",
"id": "96720"
},
{
"date": "2017-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"date": "2017-12-16T02:29:10.137000",
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"date": "2017-03-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#355151"
},
{
"date": "2017-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04256"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-111388"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3185"
},
{
"date": "2017-03-16T01:00:00",
"db": "BID",
"id": "96720"
},
{
"date": "2018-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003933"
},
{
"date": "2019-10-09T23:27:20.290000",
"db": "NVD",
"id": "CVE-2017-3185"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ACTi cameras models from the D, B, I, and E series contain multiple security vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#355151"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-357"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…