Lucene search

[email protected]NVD:CVE-2023-28813

HistoryNov 23, 2023 - 9:15 a.m.

CVE-2023-28813

2023-11-2309:15:33

[email protected]

web.nvd.nist.gov

attacker

vulnerability

crafted messages

plug-in parameters

malicious files

computer

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

18.0%

JSON

An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.

Affected configurations

NVD

Node

hikvisionlocalservicecomponentsRange≤1.0.0.78

References

www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

18.0%

JSON

Related for NVD:CVE-2023-28813

cve1 cvelist1 prion1