4.9
CVE-2021-23852
- EPSS 0.83%
- Veröffentlicht 09.06.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:51:57
- Quelle psirt@bosch.com
- CVE-Watchlists
- Unerledigt
LoginDenial of Service (DoS) due to invalid web parameter
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bosch ≫ Cpp4 Firmware Version-
Bosch ≫ Cpp6 Firmware Version-
Bosch ≫ Cpp7 Firmware Version-
Bosch ≫ Cpp7.3 Firmware Version-
Bosch ≫ Cpp13 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.83% | 0.526 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
| psirt@bosch.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html