Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control for Bosch Video Systems, PSIM and Access Control Systems
Vulnerability Description
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as "CWE-284: Improper Access Control." This vulnerability, for example, allows a potential attacker to delete video or read video data.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Bosch产品访问控制错误漏洞
Vulnerability Description
Bosch DIVAR IP 2000等都是德国Bosch公司的产品。Bosch DIVAR IP 2000是一款2000系列视频录像机。Video Recording Manager(VRM)是一款视频录制管理器。Bosch DIVAR IP 3000是一款3000系列视频录像机。 多款Bosch产品中存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。以下产品及版本受到影响:Bosch Video Management System (BVMS)9.0及之前版本;DIVA
CVSS Information
N/A
Vulnerability Type
N/A