Lucene search
HistoryMay 22, 2019 - 8:29 p.m.
CVE-2018-7828
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.5%
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user clicks a specially crafted malicious link while logged into the camera.
Affected configurations
Node
schneider-electricd6220_firmwareRange2.11≥
schneider-electricd6220Match-
Node
schneider-electricd6220l_firmwareRange2.11≥
schneider-electricd6220lMatch-
Node
schneider-electricd6230_firmwareRange2.11≥
schneider-electricd6230Match-
Node
schneider-electricd6230l_firmwareRange2.11≥
schneider-electricd6230lMatch-
Node
schneider-electricimes19-1i_firmwareRange<2.2.3.0
schneider-electricimes19-1iMatch-
Node
schneider-electricimes19-1s_firmwareRange<2.2.3.0
schneider-electricimes19-1sMatch-
Node
schneider-electricimes19-1p_firmwareRange<2.2.3.0
schneider-electricimes19-1pMatch-
Node
schneider-electricime119-1i_firmwareRange<2.2.3.0
schneider-electricime119-1iMatch-
Node
schneider-electricime119-1s_firmwareRange<2.2.3.0
schneider-electricime119-1sMatch-
Node
schneider-electricime119-1p_firmwareRange<2.2.3.0
schneider-electricime119-1pMatch-
Node
schneider-electricime219-1i_firmwareRange<2.2.3.0
schneider-electricime219-1iMatch-
Node
schneider-electricime219-1s_firmwareRange<2.2.3.0
schneider-electricime219-1sMatch-
Node
schneider-electricime219-1p_firmwareRange<2.2.3.0
schneider-electricime219-1pMatch-
Node
schneider-electricime319-1i_firmwareRange<2.2.3.0
schneider-electricime319-1iMatch-
Node
schneider-electricime319-1s_firmwareRange<2.2.3.0
schneider-electricime319-1sMatch-
Node
schneider-electricime319-1p_firmwareRange<2.2.3.0
schneider-electricime319-1pMatch-
Node
schneider-electricime319-b1i_firmwareRange<2.2.3.0
schneider-electricime319-b1iMatch-
Node
schneider-electricime319-b1s_firmwareRange<2.2.3.0
schneider-electricime319-b1sMatch-
Node
schneider-electricime319-b1p_firmwareRange<2.2.3.0
schneider-electricime319-b1pMatch-
Node
schneider-electricime3122-1i_firmwareRange<2.2.3.0
schneider-electricime3122-1iMatch-
Node
schneider-electricime3122-b1i_firmwareRange<2.2.3.0
schneider-electricime3122-b1iMatch-
Node
schneider-electricime3122-1s_firmwareRange<2.2.3.0
schneider-electricime3122-1sMatch-
Node
schneider-electricime3122-b1s_firmwareRange<2.2.3.0
schneider-electricime3122-b1sMatch-
Node
schneider-electricime3122-1p_firmwareRange<2.2.3.0
schneider-electricime3122-1pMatch-
Node
schneider-electricime3122-b1p_firmwareRange<2.2.3.0
schneider-electricime3122-b1pMatch-
Node
schneider-electricimes19-1ei_firmwareRange<2.2.3.0
schneider-electricimes19-1eiMatch-
Node
schneider-electricimes19-1es_firmwareRange<2.2.3.0
schneider-electricimes19-1esMatch-
Node
schneider-electricimes19-1ep_firmwareRange<2.2.3.0
schneider-electricimes19-1epMatch-
Node
schneider-electricime119-1ei_firmwareRange<2.2.3.0
schneider-electricime119-1eiMatch-
Node
schneider-electricime119-1es_firmwareRange<2.2.3.0
schneider-electricime119-1esMatch-
Node
schneider-electricime119-1ep_firmwareRange<2.2.3.0
schneider-electricime119-1epMatch-
Node
schneider-electricime219-1ei_firmwareRange<2.2.3.0
schneider-electricime219-1eiMatch-
Node
schneider-electricime219-1es_firmwareRange<2.2.3.0
schneider-electricime219-1esMatch-
Node
schneider-electricime219-1ep_firmwareRange<2.2.3.0
schneider-electricime219-1epMatch-
Node
schneider-electricime319-1ei_firmwareRange<2.2.3.0
schneider-electricime319-1eiMatch-
Node
schneider-electricime319-1es_firmwareRange<2.2.3.0
schneider-electricime319-1esMatch-
Node
schneider-electricime319-1ep_firmwareRange<2.2.3.0
schneider-electricime319-1epMatch-
Node
schneider-electricime3122-1ei_firmwareRange<2.2.3.0
schneider-electricime3122-1eiMatch-
Node
schneider-electricime3122-1es_firmwareRange<2.2.3.0
schneider-electricime3122-1esMatch-
Node
schneider-electricime3122-1ep_firmwareRange<2.2.3.0
schneider-electricime3122-1epMatch-
Node
schneider-electricimes19-1vi_firmwareRange<2.2.3.0
schneider-electricimes19-1viMatch-
Node
schneider-electricimes19-1vs_firmwareRange<2.2.3.0
schneider-electricimes19-1vsMatch-
Node
schneider-electricimes19-1vp_firmwareRange<2.2.3.0
schneider-electricimes19-1vpMatch-
Node
schneider-electricime119-1vi_firmwareRange<2.2.3.0
schneider-electricime119-1viMatch-
Node
schneider-electricime119-1vs_firmwareRange<2.2.3.0
schneider-electricime119-1vsMatch-
Node
schneider-electricime119-1vp_firmwareRange<2.2.3.0
schneider-electricime119-1vpMatch-
Node
schneider-electricime219-1vi_firmwareRange<2.2.3.0
schneider-electricime219-1viMatch-
Node
schneider-electricime219-1vs_firmwareRange<2.2.3.0
schneider-electricime219-1vsMatch-
Node
schneider-electricime219-1vp_firmwareRange<2.2.3.0
schneider-electricime219-1vpMatch-
Node
schneider-electricime319-1vi_firmwareRange<2.2.3.0
schneider-electricime319-1viMatch-
Node
schneider-electricime319-1vs_firmwareRange<2.2.3.0
schneider-electricime319-1vsMatch-
Node
schneider-electricime319-1vp_firmwareRange<2.2.3.0
schneider-electricime319-1vpMatch-
Node
schneider-electricime3122-1vi_firmwareRange<2.2.3.0
schneider-electricime3122-1viMatch-
Node
schneider-electricime3122-1vs_firmwareRange<2.2.3.0
schneider-electricime3122-1vsMatch-
Node
schneider-electricime3122-1vp_firmwareRange<2.2.3.0
schneider-electricime3122-1vpMatch-
Node
schneider-electricixes1_firmwareRange<2.2.3.0
schneider-electricixes1Match-
Node
schneider-electricixe11_firmwareRange<2.2.3.0
schneider-electricixe11Match-
Node
schneider-electricixe21_firmwareRange<2.2.3.0
schneider-electricixe21Match-
Node
schneider-electricixe31_firmwareRange<2.2.3.0
schneider-electricixe31Match-
Related
cve
cve
CVE-2018-7828
2019-05-22 20:29:01
prion
prion
Cross site request forgery (csrf)
2019-05-22 20:29:00
cvelist
cvelist
CVE-2018-7828
2019-05-22 19:34:25
zeroscience
zeroscience
Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access
2017-07-10 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.5%
Related for NVD:CVE-2018-7828