CVE-2022-32540

MEDIUM

5.9

Descricao

Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.

Detalhes CVE

Pontuacao CVSS v3.15.9

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vetor de ataqueNETWORK

ComplexidadeHIGH

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado9/30/2022

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

bosch:bosch_video_management_systembosch:videojet_decoder_7513bosch:videojet_decoder_7513_firmware

Fraquezas (CWE)

CWE-200CWE-200

Referencias

https://psirt.bosch.com/security-advisories/bosch-sa-464066.html(psirt@bosch.com)

https://psirt.bosch.com/security-advisories/bosch-sa-464066.html(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.