漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server.
CVSS Information
N/A
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
Siemens Open Network Bridge 信任管理问题漏洞
Vulnerability Description
Siemens Milestone Open Network Bridge是德国西门子(Siemens)公司的一个应用软件。提供一个支持onvif的接口。 Open Network Bridge存在安全漏洞,该漏洞源于Open Network Bridge ONVIF客户端和ONVIF服务器之间的身份验证存储用户凭据,使用硬编码的密钥,这可以允许经过身份验证的远程攻击者检索和解密存储在ONVIF服务器上的所有凭据。以下产品及版本受到影响: Open Network Bridge 22020 R3、 Ope
CVSS Information
N/A
Vulnerability Type
N/A