CVE-2021-23849

🗓️ 05 Aug 2021 19:23:32Reported by boschType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 44 Views

A vulnerability allows unauthenticated remote attacker to trigger actions on affected syste

Reporter	Title	Published	Views	Family All 5
CNNVD	Bosch IP cameras 跨站请求伪造漏洞	5 Aug 202100:00	–	cnnvd
Cvelist	CVE-2021-23849 Cross Site Request Forgery (CSRF) vulnerability in web based management interface	5 Aug 202119:23	–	cvelist
EUVD	EUVD-2021-10775	7 Oct 202500:30	–	euvd
NVD	CVE-2021-23849	5 Aug 202120:15	–	nvd
Prion	Cross site request forgery (csrf)	5 Aug 202120:15	–	prion

NVD

Node

bosch cpp4_firmwareMatch7.10

AND

bosch cpp4Match-

Node

bosch cpp6_firmwareMatch7.60

bosch cpp6_firmwareMatch7.61

bosch cpp6_firmwareMatch7.70

bosch cpp6_firmwareMatch7.80

AND

bosch cpp6Match-

Node

bosch aviotec_firmwareMatch7.61

bosch aviotec_firmwareMatch7.72

AND

bosch aviotecMatch-

Node

bosch cpp7_firmwareMatch7.60

bosch cpp7_firmwareMatch7.61

bosch cpp7_firmwareMatch7.70

bosch cpp7_firmwareMatch7.72

bosch cpp7_firmwareMatch7.80

AND

bosch cpp7Match-

Node

bosch cpp7.3_firmwareMatch7.60

bosch cpp7.3_firmwareMatch7.61

bosch cpp7.3_firmwareMatch7.62

bosch cpp7.3_firmwareMatch7.70

bosch cpp7.3_firmwareMatch7.72

bosch cpp7.3_firmwareMatch7.73

bosch cpp7.3_firmwareMatch7.80

AND

bosch cpp7.3Match-

Node

bosch cpp13_firmwareMatch7.75

AND

bosch cpp13Match-

Node

bosch cpp14_firmwareMatch8.00

AND

bosch cpp14Match-

[
  {
    "platforms": [
      "CPP4, CPP6, AVIOTEC, CPP7, CPP7.3, CPP13, CPP14"
    ],
    "product": "CPP Firmware",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.bosch.com/security-advisories/bosch-sa-033305-bt.html

21 Nov 2024 05:51Current

8.1High risk

Vulners AI Score8.1

CVSS 26.8

CVSS 3.17.5 - 8.8

EPSS0.00181

CWE-352