Lucene search

K
cve[email protected]CVE-2023-32230
HistoryDec 18, 2023 - 1:15 p.m.

CVE-2023-32230

2023-12-1813:15:06
CWE-703
web.nvd.nist.gov
9
bosch
bt software
api
dos
cve-2023-32230
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

20.5%

An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation.

Affected configurations

NVD
Node
boschmonitor_wallRange10.00.0164
Node
boschvideojet_decoder_7513Match-
AND
boschvideojet_decoder_7513_firmwareRange10.40.0055
Node
boschvideojet_decoder_7523Match-
AND
boschvideojet_decoder_7523_firmwareRange10.40.0055
Node
boschvideo_recording_managerRange04.10.0079
Node
boschvideo_streaming_gatewayRange8.1.2.2
OR
boschvideo_streaming_gatewayRange9.0.09.0.0.178

CNA Affected

[
  {
    "vendor": "Bosch",
    "product": "Video Recording Manager",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "04.10.0079"
      }
    ]
  },
  {
    "vendor": "Bosch",
    "product": "Video Streaming Gateway",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "8.1.2.2"
      },
      {
        "version": "9.0.0",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "9.0.0.178"
      }
    ]
  },
  {
    "vendor": "Bosch",
    "product": "Monitorwall",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "10.00.0164"
      }
    ]
  },
  {
    "vendor": "Bosch",
    "product": "VJD-7513",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "10.40.0055"
      }
    ]
  },
  {
    "vendor": "Bosch",
    "product": "VJD-7523",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "10.40.0055"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

20.5%

Related for CVE-2023-32230