Lucene search

[email protected]NVD:CVE-2019-14701

HistoryAug 06, 2019 - 11:15 p.m.

CVE-2019-14701

2019-08-0623:15:12

CWE-22

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

59.8%

JSON

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random.

Affected configurations

NVD

Node

microdigitalmdc-n4090_firmwareRange≤6400.0.8.5

AND

microdigitalmdc-n4090Match-

Node

microdigitalmdc-n4090w_firmwareRange≤6400.0.8.5

AND

microdigitalmdc-n4090wMatch-

Node

microdigitalmdc-n2190v_firmwareRange≤6400.0.8.5

AND

microdigitalmdc-n2190vMatch-

References

www.microdigital.co.kr/

pastebin.com/PSyqqs1g

www.microdigital.ru/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

59.8%

JSON

Related for NVD:CVE-2019-14701

prion1 cvelist1 cve1