Lucene search

[email protected]NVD:CVE-2018-17919

HistoryOct 10, 2018 - 3:29 p.m.

CVE-2018-17919

2018-10-1015:29:00

CWE-798

CWE-912

[email protected]

web.nvd.nist.gov

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.6%

JSON

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account “default” with its default password to login to XMeye and access/view video streams.

Affected configurations

NVD

Node

xiongmaitechxmeye_p2p_cloud_server

References

ics-cert.us-cert.gov/advisories/ICSA-18-282-06

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.6%

JSON

Related for NVD:CVE-2018-17919

prion1 cve1 cvelist1 zdt1 packetstorm1 krebs1 ics1 qualysblog1