A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
07 Nov 2023, 02:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.axis.com/dam/public/df/f3/dd/cve-2017-20049-en-US-376956.pdf - |
07 Sep 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. | |
References |
|
|
24 Jun 2022, 19:11
Type | Values Removed | Values Added |
---|---|---|
First Time |
Axis p3225
Axis p1204 Axis m3007 Firmware Axis p3367 Firmware Axis p1204 Firmware Axis m3005 Firmware Axis m3045 Firmware Axis m3045 Axis m3007 Axis Axis p3367 Axis p3225 Firmware Axis m3005 |
|
CWE | CWE-269 | |
CPE | cpe:2.3:o:axis:m3005_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:axis:p3367:-:*:*:*:*:*:*:* cpe:2.3:o:axis:m3045_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:axis:m3007:-:*:*:*:*:*:*:* cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:axis:p3225:-:*:*:*:*:*:*:* cpe:2.3:h:axis:m3005:-:*:*:*:*:*:*:* cpe:2.3:o:axis:m3007_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:axis:m3045:-:*:*:*:*:*:*:* cpe:2.3:o:axis:p3367_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:axis:p3225_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:* |
|
References | (N/A) https://vuldb.com/?id.98913 - Third Party Advisory | |
References | (N/A) http://seclists.org/fulldisclosure/2017/Mar/41 - Exploit, Mailing List, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
15 Jun 2022, 18:46
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-15 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2017-20049
Mitre link : CVE-2017-20049
CVE.ORG link : CVE-2017-20049
JSON object : View
Products Affected
axis
- m3007_firmware
- m3045
- m3005_firmware
- m3045_firmware
- p1204_firmware
- p3367_firmware
- p3225_firmware
- p3367
- p1204
- p3225
- m3007
- m3005
CWE
CWE-269
Improper Privilege Management