CVE-2021-23861 Possible Access to Debug Functions in Bosch VRM / BVMS

By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed...

CVE-2021-23860 Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS

An error in a page handler of the VRM may lead to a reflected cross site scripting XSS in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed...

多款Bosch产品操作系统命令注入漏洞

Bosch Access Professional Edition and others are products of Bosch, Germany.Bosch Access Professional Edition is an enterprise access control and security management solution.Bosch VRM is an application.Bosch BVMS is an application... Bosch BVMS is an application software. An operating system...

CVE-2019-11684

Improper Access Control in the RCP+ server of the Bosch Video Recording Manager VRM component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks...

Improper access control

Improper Access Control in the RCP+ server of the Bosch Video Recording Manager VRM component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks...

CVE-2019-11684

The CVE-2019-11684 entry covers an improper access control flaw in the RCP+ server of the Bosch Video Recording Manager (VRM) component. It allows arbitrary, unauthenticated access to a limited subset of certificates stored by Windows. Affected products/versions include VRM v3.70.x, VRM v3.71 up ...