7.5
CVE-2022-34138
- EPSS 0.26%
- Veröffentlicht 03.02.2023 15:15:08
- Zuletzt bearbeitet 26.03.2025 18:15:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginInsecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Biltema ≫ Baby Camera Firmware Version124
Biltema ≫ Ip Camera Firmware Version124
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.489 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-639 Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.