Lucene search

HikvisionCVELIST:CVE-2023-28809

HistoryJun 15, 2023 - 12:00 a.m.

CVE-2023-28809

2023-06-1500:00:00

CWE-284

hikvision

www.cve.org

access control

session hijacking

vulnerability

device operation permissions

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

57.7%

JSON

Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.

CNA Affected

[
  {
    "vendor": "hikvision",
    "product": "DS-K1T804AXX",
    "versions": [
      {
        "version": "V1.4.0_build221212",
        "status": "affected",
        "lessThan": "V1.4.0_build221212",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "hikvision",
    "product": "DS-K1T341AXX",
    "versions": [
      {
        "version": "V3.2.30_build221223",
        "status": "affected",
        "lessThan": "V3.2.30_build221223",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "hikvision",
    "product": "DS-K1T671XXX",
    "versions": [
      {
        "version": "V3.2.30_build221223",
        "status": "affected",
        "lessThan": "V3.2.30_build221223",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "hikvision",
    "product": "DS-K1T343XXX",
    "versions": [
      {
        "version": "V3.14.0_build230117",
        "status": "affected",
        "lessThan": "V3.14.0_build230117",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "hikvision",
    "product": "DS-K1T341C",
    "versions": [
      {
        "version": "V3.3.8_build230112",
        "status": "affected",
        "lessThan": "V3.3.8_build230112",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "hikvision",
    "product": "DS-K1T320XXX",
    "versions": [
      {
        "version": "V3.5.0_build220706",
        "status": "affected",
        "lessThan": "V3.5.0_build220706",
        "versionType": "custom"
      }
    ]
  }
]

References

packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html

www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

57.7%

JSON

Related for CVELIST:CVE-2023-28809