CVE-2020-6768 Path Traversal in Bosch Video Management System (BVMS)

🗓️ 07 Feb 2020 20:01:21Reported by boschType

CVE-2020-6768 Path Traversal in Bosch Video Management System (BVMS

Reporter	Title	Published	Views	Family All 6
CNVD	Bosch DIVAR IP 3000 Path Traversal Vulnerability	10 Feb 202000:00	–	cnvd
CVE	CVE-2020-6768	7 Feb 202020:01	–	cve
EUVD	EUVD-2020-27915	7 Oct 202500:30	–	euvd
NVD	CVE-2020-6768	7 Feb 202021:15	–	nvd
OSV	CVE-2020-6768	7 Feb 202021:15	–	osv
Prion	Path traversal	7 Feb 202021:15	–	prion

[
  {
    "product": "DIVAR IP 3000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "product": "DIVAR IP 7000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "product": "DIVAR IP all-in-one 5000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "product": "Bosch Video Management System",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThanOrEqual": "7.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "8.0.0.329",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "9.0.0.827",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10.0.0.1225",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "BVMS Viewer",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThanOrEqual": "7.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "8.0.0.329",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "9.0.0.827",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10.0.0.1225",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.bosch.com/security-advisories/bosch-sa-815013-bt.html

07 Feb 2020 20:01Current

8.6High risk

Vulners AI Score8.6

CVSS 3.18.6

EPSS0.01605

CWE-22