CVE-2023-28809

Some Hikvision access control products are vulnerable to session hijacking because the product does not issue a new session ID after a user successfully logs in (session fixation, CWE-384): the unauthenticated session ID is simply upgraded to an authenticated one. To exploit the flaw, an attacker must request a session ID at the same time as a legitimate user logs in, and can then obtain device operation permissions by presenting that session ID while forging the authenticated user's IP address, which is the only binding the device checks.
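The following Python model is an added example, not Hikvision firmware code or anything from the vendor advisory. It reproduces the CWE-384 pattern the description names: a session store that upgrades the pre-authentication session ID in place (the vulnerable behaviour) beside one that discards it and issues a fresh ID on login (the fix). User names, passwords, IP addresses and the `SessionStore` API are all constructed for the demonstration; how the attacker comes to know the victim's pre-login session ID (the timing race the description mentions) is abstracted into the attacker simply holding it.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed credential store for the demonstration; not a real device database.
USERS = {"admin": "correct horse battery staple"}


@dataclass
class Session:
    user: Optional[str] = None   # None until the session has authenticated
    client_ip: str = ""          # source address the session is bound to


class SessionStore:
    """Server-side session table keyed by the ID the client presents.

    rotate_on_login=False reproduces the CWE-384 behaviour in the advisory;
    rotate_on_login=True is the fix (fresh ID issued on successful login).
    """

    def __init__(self, rotate_on_login: bool) -> None:
        self.rotate_on_login = rotate_on_login
        self._sessions: Dict[str, Session] = {}

    def new_session(self, client_ip: str) -> str:
        """Hand out an unauthenticated session ID, as the device does pre-login."""
        sid = secrets.token_hex(16)
        self._sessions[sid] = Session(client_ip=client_ip)
        return sid

    def login(self, sid: str, client_ip: str, user: str, password: str) -> str:
        """Authenticate session `sid`; return the ID the client must use from now on."""
        sess = self._sessions.get(sid)
        expected = USERS.get(user, "").encode()
        if sess is None or not secrets.compare_digest(expected, password.encode()):
            raise PermissionError("unknown session or bad credentials")
        if not self.rotate_on_login:
            # Vulnerable: the pre-authentication ID is upgraded in place, so any
            # party that already knows it now holds an authenticated session.
            sess.user = user
            sess.client_ip = client_ip
            return sid
        # Fixed: discard the pre-authentication ID and bind the authenticated
        # state to a brand-new one. Copies of the old ID become worthless.
        del self._sessions[sid]
        new_sid = secrets.token_hex(16)
        self._sessions[new_sid] = Session(user=user, client_ip=client_ip)
        return new_sid

    def authorized_user(self, sid: str, client_ip: str) -> Optional[str]:
        """Return the user permitted to operate the device with (sid, source IP), or None."""
        sess = self._sessions.get(sid)
        if sess is None or sess.user is None:
            return None
        # IP binding is the only barrier the vulnerable design leaves; the
        # advisory notes the attacker defeats it by forging the victim's IP.
        if sess.client_ip != client_ip:
            return None
        return sess.user


VICTIM_IP = "192.0.2.10"      # constructed addresses from RFC 5737 documentation ranges
ATTACKER_IP = "198.51.100.7"


def run_fixation_attack(rotate_on_login: bool) -> Optional[str]:
    """Replay the advisory's scenario; return the user the attacker ends up acting as."""
    store = SessionStore(rotate_on_login)
    # 1. Attacker holds an unauthenticated session ID that the victim's client
    #    is about to authenticate (the timing race described in the advisory).
    sid = store.new_session(ATTACKER_IP)
    # 2. Victim completes login with that ID from their own address.
    store.login(sid, VICTIM_IP, "admin", USERS["admin"])
    # 3. Attacker replays the original ID, spoofing the victim's source IP.
    return store.authorized_user(sid, VICTIM_IP)


def victim_keeps_access(rotate_on_login: bool) -> bool:
    """Sanity check: the legitimate user is still authorized after login."""
    store = SessionStore(rotate_on_login)
    sid = store.new_session(VICTIM_IP)
    post_login_sid = store.login(sid, VICTIM_IP, "admin", USERS["admin"])
    return store.authorized_user(post_login_sid, VICTIM_IP) == "admin"


if __name__ == "__main__":
    print("vulnerable:", run_fixation_attack(rotate_on_login=False))   # admin
    print("fixed:     ", run_fixation_attack(rotate_on_login=True))    # None
```

The point the model makes is that IP binding alone does not close the hole: once the attacker spoofs the victim's address, the only remaining defence is that the ID they hold is no longer valid, which is exactly what rotating the session ID at the authentication boundary provides. In the fixed configuration the legitimate user's client must adopt the new ID returned by `login`, which is why `victim_keeps_access` checks the post-login ID rather than the original one.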
Configurations

Configuration 1

AND
cpe:2.3:o:hikvision:ds-k1t320efwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320efwx:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:hikvision:ds-k1t320efx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320efx:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:hikvision:ds-k1t320ewx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320ewx:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:hikvision:ds-k1t320ex_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320ex:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:hikvision:ds-k1t320mfwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mfwx:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:hikvision:ds-k1t320mfx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mfx:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:hikvision:ds-k1t320mwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mwx:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:hikvision:ds-k1t320mx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mx:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:hikvision:ds-k1t341am_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t341am:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:hikvision:ds-k1t341amf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t341amf:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:hikvision:ds-k1t341cm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t341cm:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:hikvision:ds-k1t343ewx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343ewx:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:hikvision:ds-k1t343ex_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343ex:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:hikvision:ds-k1t343mwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343mwx:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:hikvision:ds-k1t343mx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343mx:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:hikvision:ds-k1t671_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:hikvision:ds-k1t671m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671m:-:*:*:*:*:*:*:*

Configuration 18

AND
cpe:2.3:o:hikvision:ds-k1t671mf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671mf:-:*:*:*:*:*:*:*

Configuration 19

AND
cpe:2.3:o:hikvision:ds-k1t671t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671t:-:*:*:*:*:*:*:*

Configuration 20

AND
cpe:2.3:o:hikvision:ds-k1t671tm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tm:-:*:*:*:*:*:*:*

Configuration 21

AND
cpe:2.3:o:hikvision:ds-k1t671tm-3xf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tm-3xf:-:*:*:*:*:*:*:*

Configuration 22

AND
cpe:2.3:o:hikvision:ds-k1t671tmf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tmf:-:*:*:*:*:*:*:*

Configuration 23

AND
cpe:2.3:o:hikvision:ds-k1t671tmfw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tmfw:-:*:*:*:*:*:*:*

Configuration 24

AND
cpe:2.3:o:hikvision:ds-k1t671tmw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tmw:-:*:*:*:*:*:*:*

Configuration 25

AND
cpe:2.3:o:hikvision:ds-k1t804af_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*

Configuration 26

AND
cpe:2.3:o:hikvision:ds-k1t804amf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*

History

05 Sep 2023, 17:15

Type Values Removed Values Added
References
  Values Added: (MISC) http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html

30 Jun 2023, 00:08

Type Values Removed Values Added
References
  Values Removed: (MISC) https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/
  Values Added: (MISC) https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/ - Vendor Advisory
First Time
Hikvision ds-k1t671tmfw
Hikvision ds-k1t671tmw Firmware
Hikvision ds-k1t343ex Firmware
Hikvision ds-k1t671t
Hikvision ds-k1t671tm Firmware
Hikvision ds-k1t320mwx
Hikvision ds-k1t320mfx
Hikvision ds-k1t804amf
Hikvision ds-k1t671m Firmware
Hikvision ds-k1t671mf Firmware
Hikvision ds-k1t671m
Hikvision ds-k1t320efwx Firmware
Hikvision ds-k1t671tmf
Hikvision ds-k1t341am Firmware
Hikvision ds-k1t341amf Firmware
Hikvision ds-k1t343mx Firmware
Hikvision ds-k1t671
Hikvision ds-k1t804af
Hikvision ds-k1t341cm
Hikvision ds-k1t343ewx
Hikvision ds-k1t671mf
Hikvision ds-k1t320ewx Firmware
Hikvision ds-k1t671tmfw Firmware
Hikvision ds-k1t343mwx Firmware
Hikvision ds-k1t320mfwx
Hikvision ds-k1t320efx
Hikvision ds-k1t804amf Firmware
Hikvision ds-k1t343mwx
Hikvision ds-k1t671tm
Hikvision ds-k1t320mx Firmware
Hikvision ds-k1t341amf
Hikvision ds-k1t671t Firmware
Hikvision ds-k1t343ex
Hikvision ds-k1t320mfwx Firmware
Hikvision ds-k1t320ex Firmware
Hikvision ds-k1t341am
Hikvision ds-k1t341cm Firmware
Hikvision ds-k1t671tm-3xf
Hikvision ds-k1t671tmw
Hikvision ds-k1t804af Firmware
Hikvision ds-k1t320efx Firmware
Hikvision ds-k1t320mwx Firmware
Hikvision ds-k1t320efwx
Hikvision ds-k1t671 Firmware
Hikvision ds-k1t320ewx
Hikvision ds-k1t320ex
Hikvision ds-k1t343mx
Hikvision
Hikvision ds-k1t320mx
Hikvision ds-k1t671tmf Firmware
Hikvision ds-k1t671tm-3xf Firmware
Hikvision ds-k1t320mfx Firmware
Hikvision ds-k1t343ewx Firmware
CVSS
  Values Removed: v2 : unknown, v3 : unknown
  Values Added: v2 : unknown, v3 : 7.5
CWE
  Values Added: CWE-384
CPE
cpe:2.3:o:hikvision:ds-k1t671m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t343mx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tmw:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671tmfw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t341amf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320mfwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343ewx:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t341am_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671mf:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320mwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671tmf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671tm-3xf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320efx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mwx:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320ex_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671mf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671m:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320ewx:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tmf:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671tmw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t343mwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mx:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t341cm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320efx:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671t:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320ex:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343mwx:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320efwx:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mfwx:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343ex:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t804af_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t341amf:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320mx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t341cm:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320mfx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tm:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320ewx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t343ex_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t341am:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t320efwx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t343mx:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t320mfx:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tm-3xf:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-k1t671tmfw:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t804amf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t343ewx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:hikvision:ds-k1t671tm_firmware:-:*:*:*:*:*:*:*

15 Jun 2023, 20:46

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-15 19:15

Updated : 2023-12-10 15:01


NVD link : CVE-2023-28809

Mitre link : CVE-2023-28809

CVE.ORG link : CVE-2023-28809



Products Affected

hikvision

  • ds-k1t320mx_firmware
  • ds-k1t343mwx_firmware
  • ds-k1t320mwx
  • ds-k1t341amf_firmware
  • ds-k1t671_firmware
  • ds-k1t320ex
  • ds-k1t671tm-3xf_firmware
  • ds-k1t320ex_firmware
  • ds-k1t320efwx
  • ds-k1t343ewx_firmware
  • ds-k1t671tmw
  • ds-k1t671m_firmware
  • ds-k1t320ewx
  • ds-k1t671
  • ds-k1t671tmw_firmware
  • ds-k1t804af
  • ds-k1t671tmf_firmware
  • ds-k1t671tm
  • ds-k1t671t
  • ds-k1t320mfx
  • ds-k1t320mfx_firmware
  • ds-k1t671m
  • ds-k1t320mwx_firmware
  • ds-k1t320mfwx_firmware
  • ds-k1t341am_firmware
  • ds-k1t671t_firmware
  • ds-k1t320mx
  • ds-k1t341am
  • ds-k1t320mfwx
  • ds-k1t671tmfw
  • ds-k1t804amf
  • ds-k1t341cm_firmware
  • ds-k1t343mx_firmware
  • ds-k1t320efwx_firmware
  • ds-k1t343ewx
  • ds-k1t341cm
  • ds-k1t343mwx
  • ds-k1t343mx
  • ds-k1t320efx
  • ds-k1t671mf
  • ds-k1t320ewx_firmware
  • ds-k1t343ex_firmware
  • ds-k1t671tmf
  • ds-k1t343ex
  • ds-k1t671tm_firmware
  • ds-k1t804amf_firmware
  • ds-k1t671tm-3xf
  • ds-k1t671mf_firmware
  • ds-k1t671tmfw_firmware
  • ds-k1t341amf
  • ds-k1t804af_firmware
  • ds-k1t320efx_firmware
CWE
CWE-384

Session Fixation

CWE-284

Improper Access Control