Lucene search
China National Vulnerability DatabaseCNVD-2022-68292HistoryOct 10, 2022 - 12:00 a.m.
ZoneMinder Information Disclosure Vulnerability
2022-10-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
zoneminder
information disclosure
vulnerability
api
database log
unauthorized access
modification
0.001 Low
EPSS
Percentile
30.3%
ZoneMinder is an open source video surveillance software system. The system supports IP, USB, and analog cameras, etc. ZoneMinder is vulnerable to an information disclosure vulnerability that stems from the ZoneMinder API exposing database log content to users without permissions, allowing logs to be inserted, modified, and deleted without system privileges. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Zoneminder Zoneminder | le | 1.36.27 | |
| Zoneminder Zoneminder >=1.37.0, | lt | 1.37.24 |
Related
alpinelinux
alpinelinux
CVE-2022-39289
2022-10-07 21:15:11
debiancve
debiancve
CVE-2022-39289
2022-10-07 21:15:11
veracode
veracode
Information Disclosure
2022-10-20 19:33:18
cve
cve
CVE-2022-39289
2022-10-07 21:15:11
nvd
nvd
CVE-2022-39289
2022-10-07 21:15:11
prion
prion
Double free
2022-10-07 21:15:00
ubuntucve
ubuntucve
CVE-2022-39289
2022-10-07 00:00:00
cvelist
cvelist
CVE-2022-39289 Database log access in ZoneMinder
2022-10-07 00:00:00
osv
osv
CVE-2022-39289
2022-10-07 21:15:11
openvas
openvas
ZoneMinder < 1.36.27, 1.37.x < 1.37.24 Multiple Vulnerabilities
2022-11-23 00:00:00