CVE-2019-18230

EPSS 0.26%
Published 31.10.2019 22:15:11
Last modified 21.11.2024 04:32:53
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Honeywell ≫ H4d8pr1 Firmware Version < 1.000.hw01.3.20190820

Honeywell ≫ H4d8pr1 Version-

Honeywell ≫ Hfd5pr1 Firmware Version < 1.000.hw01.1.20190822

Honeywell ≫ Hfd5pr1 Version-

Honeywell ≫ Hpw2p1 Firmware Version < 1.000.hw01.3.20190820

Honeywell ≫ Hpw2p1 Version-

Honeywell ≫ Hdzp304di Firmware Version < 1.000.hw10.5.20190812

Honeywell ≫ Hdzp304di Version-

Honeywell ≫ Hdzp252di Firmware Version < 1.000.hw02.3.20181109

Honeywell ≫ Hdzp252di Version-

Honeywell ≫ Hdz302din-s1 Firmware Version < 1.000.0041.20180530

Honeywell ≫ Hdz302din-s1 Version-

Honeywell ≫ Hdz302lik Firmware Version < 1.000.61.1.20180607

Honeywell ≫ Hdz302lik Version-

Honeywell ≫ Hdz302liw Firmware Version < 1.000.61.1.20180607

Honeywell ≫ Hdz302liw Version-

Honeywell ≫ Hfd6gr1 Firmware Version < 1.000.hw00.9.20180510

Honeywell ≫ Hfd6gr1 Version-

Honeywell ≫ Hfd8gr1 Firmware Version < 1.000.hw00.9.20180510

Honeywell ≫ Hfd8gr1 Version-

Honeywell ≫ Hm4l8gr1 Firmware Version < 1.000.hw02.8.20190813

Honeywell ≫ Hm4l8gr1 Version-

Honeywell ≫ Hmbl8gr1 Firmware Version < 1.000.hw02.8.20190813

Honeywell ≫ Hmbl8gr1 Version-

Honeywell ≫ H2w2gr1 Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ H2w2gr1 Version-

Honeywell ≫ H3w2gr1 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ H3w2gr1 Version-

Honeywell ≫ H3w2gr1v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ H3w2gr1v Version-

Honeywell ≫ H3w2gr2 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ H3w2gr2 Version-

Honeywell ≫ H3w4gr1 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ H3w4gr1 Version-

Honeywell ≫ H3w4gr1v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ H3w4gr1v Version-

Honeywell ≫ H4d8gr1 Firmware Version < 2.420.hw00.9.20180510

Honeywell ≫ H4d8gr1 Version-

Honeywell ≫ H4l2gr1 Firmware Version < 1.000.0000.18.20190423

Honeywell ≫ H4l2gr1 Version-

Honeywell ≫ H4l2gr1v Firmware Version < 1.000.0000.18.20190423

Honeywell ≫ H4l2gr1v Version-

Honeywell ≫ H4l6gr2 Firmware Version < 1.000.hw02.8.20190813

Honeywell ≫ H4l6gr2 Version-

Honeywell ≫ H4lggr2 Firmware Version < 1.000.hw04.3.20190813

Honeywell ≫ H4lggr2 Version-

Honeywell ≫ H4w2gr1 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ H4w2gr1 Version-

Honeywell ≫ H4w2gr1v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ H4w2gr1v Version-

Honeywell ≫ H4w2gr2 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ H4w2gr2 Version-

Honeywell ≫ H4w4gr1 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ H4w4gr1 Version-

Honeywell ≫ H4w4gr1v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ H4w4gr1v Version-

Honeywell ≫ Hbd8gr1 Firmware Version < 2.420.hw00.9.20180510

Honeywell ≫ Hbd8gr1 Version-

Honeywell ≫ Hbl2gr1 Firmware Version < 2.420.hw01.33.20190812

Honeywell ≫ Hbl2gr1 Version-

Honeywell ≫ Hbl2gr1v Firmware Version < 1.000.0000.18.20190423

Honeywell ≫ Hbl2gr1v Version-

Honeywell ≫ Hbl6gr2 Firmware Version < 1.000.hw04.3.20190813

Honeywell ≫ Hbl6gr2 Version-

Honeywell ≫ Hbl6gr2 Firmware Version < 1.000.hw02.8.20190813

Honeywell ≫ Hbl6gr2 Version-

Honeywell ≫ Hbw2gr1 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ Hbw2gr1 Version-

Honeywell ≫ Hbw2gr1v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ Hbw2gr1v Version-

Honeywell ≫ Hbw2gr3 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ Hbw2gr3 Version-

Honeywell ≫ Hbw2gr3v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ Hbw2gr3v Version-

Honeywell ≫ Hbw4gr1 Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ Hbw4gr1 Version-

Honeywell ≫ Hbw4gr1v Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ Hbw4gr1v Version-

Honeywell ≫ Hcd8g Firmware Version < 2.420.hw00.9.20180510

Honeywell ≫ Hcd8g Version-

Honeywell ≫ Hcl2g Firmware Version < 1.000.0000.18.20190423

Honeywell ≫ Hcl2g Version-

Honeywell ≫ Hcl2gv Firmware Version < 1.000.0000.18.20190423

Honeywell ≫ Hcl2gv Version-

Honeywell ≫ Hcw2g Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ Hcw2g Version-

Honeywell ≫ Hcw2gv Firmware Version < 1.000.0000.18.20190409

Honeywell ≫ Hcw2gv Version-

Honeywell ≫ Hcw4g Firmware Version < 1.000.hw00.21.20190812

Honeywell ≫ Hcw4g Version-

Honeywell ≫ Hdz302d Firmware Version < 1.000.0041.20180530

Honeywell ≫ Hdz302d Version-

Honeywell ≫ Hdz302de Firmware Version < 1.000.0041.20180530

Honeywell ≫ Hdz302de Version-

Honeywell ≫ Hdz302din Firmware Version < 1.000.0041.20180530

Honeywell ≫ Hdz302din Version-

Honeywell ≫ Hdz302din-c1 Firmware Version < 1.000.0041.20180530

Honeywell ≫ Hdz302din-c1 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.26%	0.46

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

https://www.us-cert.gov/ics/advisories/icsa-19-304-03

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2019-18230

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-18230

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-18230

EUVD