Input validation

2024-03-0203:15:00

PRIOn knowledge base

www.prio-n.com

server-side validation

unauthorized access

parameter values

nvd

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

14.2%

JSON

Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.

CPENameOperatorVersion
hikcentral_professionalge2.0.0
hikcentral_professionallt2.5.1

CPE	Name	Operator	Version
	hikcentral_professional	ge	2.0.0
	hikcentral_professional	lt	2.5.1

References

www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/