Lucene search
BoschCVELIST:CVE-2021-23852HistoryJun 09, 2021 - 2:18 p.m.
CVE-2021-23852 Denial of Service (DoS) due to invalid web parameter
2021-06-0914:18:24
CWE-400
bosch
www.cve.org
2
cve-2021-23852
denial of service
bosch ip cameras
invalid web parameter
administrator rights
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
35.0%
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).
CNA Affected
[
{
"platforms": [
"CPP4, CPP6, CPP7, CPP7.3, CPP13"
],
"product": "CPP Firmware",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
]Related
cnvd
cnvd
Bosch IP cameras denial of service vulnerability
2021-06-11 00:00:00
cve
cve
CVE-2021-23852
2021-06-09 15:15:08
nvd
nvd
CVE-2021-23852
2021-06-09 15:15:08
prion
prion
Code injection
2021-06-09 15:15:00
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
35.0%
Related for CVELIST:CVE-2021-23852