Lucene search

K
cve[email protected]CVE-2017-11510
HistoryMar 28, 2018 - 5:29 p.m.

CVE-2017-11510

2018-03-2817:29:00
CWE-200
CWE-522
web.nvd.nist.gov
26
information security
wanscam
hw0021
network camera
information leak
cve-2017-11510
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

An information leak exists in Wanscam’s HW0021 network camera that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF GetSnapshotUri request.

Affected configurations

NVD
Node
wanscamhw0021_firmwareMatch11.6.5.1.1-20161213
AND
wanscamhw0021Match-

CNA Affected

[
  {
    "product": "Wanscam HW0021",
    "vendor": "Wanscam",
    "versions": [
      {
        "status": "affected",
        "version": "11.6.5.1.1-20161213"
      }
    ]
  }
]

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

Related for CVE-2017-11510