Description

An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).

Related CPE's

o

bosch

cpp4_firmware

-

Vulnerable

h

bosch

cpp4

-

o

bosch

cpp6_firmware

-

Vulnerable

h

bosch

cpp6

-

o

bosch

cpp7_firmware

-

Vulnerable

h

bosch

cpp7

-

o

bosch

cpp7.3_firmware

-

Vulnerable

h

bosch

cpp7.3

-

o

bosch

cpp13_firmware

-

Vulnerable

h

bosch

cpp13

-

References

https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-400

[email protected]

Secondary
CWE-400

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

4.9 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-09T15:15:08.310

4 years ago

Last modified

2021-06-17T19:17:15.997

4 years ago