Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Divar_ip_5000_firmware
(Bosch)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-06-15 | CVE-2023-28175 | Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. | Divar_ip_3000_firmware, Divar_ip_4000_firmware, Divar_ip_5000_firmware, Divar_ip_6000_firmware, Divar_ip_7000_firmware, Divar_ip_7000_r2_firmware, Divar_ip_7000_r3_firmware, Video_management_system, Video_management_system_viewer | 7.7 | ||
| 2021-02-26 | CVE-2019-11684 | Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all... | Divar_ip_5000_firmware, Video_management_system, Video_recording_manager | 9.8 | ||
| 2020-02-07 | CVE-2020-6769 | Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded video data of all cameras configured to be controlled by the VSG as well as the recording storage associated with the VSG. This affects Bosch Video Streaming Gateway versions 6.45 <= 6.45.08, 6.44... | Divar_ip_2000_firmware, Divar_ip_5000_firmware, Video_streaming_gateway | N/A | ||
| 2019-05-13 | CVE-2019-8952 | A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote authorized user to access arbitrary files on the system via the network interface. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62;... | Divar_ip_2000_firmware, Divar_ip_5000_firmware, Video_management_system, Video_recording_manager | 6.5 | ||
| 2019-05-13 | CVE-2019-8951 | An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote attacker to redirect users to an arbitrary URL. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.80.0033 and... | Divar_ip_2000_firmware, Divar_ip_5000_firmware, Video_management_system, Video_recording_manager | 6.1 |