An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to achieve HTTP access to the camera.
References
Configurations
Configuration 1 (hide)
AND |
|
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
28 Jul 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Jul 2022, 01:44
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
First Time |
Axis
Axis m1125 Citilog citilog Citilog |
|
References | (MISC) https://github.com/ErwanBroquaire/citilog-8.0-vulnerability - Third Party Advisory | |
References | (MISC) https://www.citilog.com - Product | |
CPE | cpe:2.3:a:citilog:citilog:8.0:*:*:*:*:*:*:* cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:* |
|
CWE | CWE-287 |
21 Jul 2022, 16:32
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-07-21 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-28860
Mitre link : CVE-2022-28860
CVE.ORG link : CVE-2022-28860
JSON object : View
Products Affected
citilog
- citilog
axis
- m1125
CWE