Lucene search
HistoryNov 14, 2022 - 11:15 p.m.
CVE-2022-40903
aiphone gt-dmb-n
video entrance station
nfc reader
administrative privileges
security vulnerability
CVSS3
6.5
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
27.1%
Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3 does not mitigate against repeated failed access attempts, which allows an attacker to gain administrative privileges.
Affected configurations
Node
aiphonegt-dmb-nMatch-
aiphonegt-dmb-n_firmwareRange<3.00
Node
aiphonegt-dmbMatch-
aiphonegt-dmb_firmwareRange<3.00
Node
aiphonegt-dmb-lvnMatch-
aiphonegt-dmb-lvn_firmwareRange<3.00
Node
aiphonegt-db-vnMatch-
aiphonegt-db-vn_firmwareRange<2.00
| Vendor | Product | Version | CPE |
|---|---|---|---|
| aiphone | gt-dmb-n | - | cpe:2.3:h:aiphone:gt-dmb-n:-:*:*:*:*:*:*:* |
| aiphone | gt-dmb-n_firmware | * | cpe:2.3:o:aiphone:gt-dmb-n_firmware:*:*:*:*:*:*:*:* |
| aiphone | gt-dmb | - | cpe:2.3:h:aiphone:gt-dmb:-:*:*:*:*:*:*:* |
| aiphone | gt-dmb_firmware | * | cpe:2.3:o:aiphone:gt-dmb_firmware:*:*:*:*:*:*:*:* |
| aiphone | gt-dmb-lvn | - | cpe:2.3:h:aiphone:gt-dmb-lvn:-:*:*:*:*:*:*:* |
| aiphone | gt-dmb-lvn_firmware | * | cpe:2.3:o:aiphone:gt-dmb-lvn_firmware:*:*:*:*:*:*:*:* |
| aiphone | gt-db-vn | - | cpe:2.3:h:aiphone:gt-db-vn:-:*:*:*:*:*:*:* |
| aiphone | gt-db-vn_firmware | * | cpe:2.3:o:aiphone:gt-db-vn_firmware:*:*:*:*:*:*:*:* |
Related
jvn
jvn
cve
cve
CVE-2022-40903
2022-11-14 23:15:11
prion
prion
Design/Logic Flaw
2022-11-14 23:15:00
cvelist
cvelist
CVE-2022-40903
2022-11-14 00:00:00
CVSS3
6.5
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
27.1%
Related for NVD:CVE-2022-40903