{"containers": {"cna": {"affected": [{"product": "IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X", "vendor": "Dahua Technology", "versions": [{"status": "affected", "version": "Versions which Build time before August 18 2019"}]}], "descriptions": [{"lang": "en", "value": "Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-18T18:42:45", "orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "shortName": "dahua"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.dahuasecurity.com/support/cybersecurity/details/637"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@dahuatech.com", "ID": "CVE-2019-9678", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X", "version": {"version_data": [{"version_value": "Versions which Build time before August 18 2019"}]}}]}, "vendor_name": "Dahua Technology"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "https://www.dahuasecurity.com/support/cybersecurity/details/637", "refsource": "CONFIRM", "url": "https://www.dahuasecurity.com/support/cybersecurity/details/637"}]}}}}, "cveMetadata": {"assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "assignerShortName": "dahua", "cveId": "CVE-2019-9678", "datePublished": "2019-09-18T18:42:45", "dateReserved": "2019-03-11T00:00:00", "dateUpdated": "2019-09-18T18:42:45", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw1x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6E2D121-6734-4A00-B591-823AE8E33130", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw1x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEAAFB9C-0BFE-413A-A13B-CB485FC82BF6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw1x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D31CD26D-5C5A-4A98-B515-58A26C120E50", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw1x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "528FE4A4-08D8-4A8F-8437-4606C769CC90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw2x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "45D99315-300F-4FD9-8161-13EACD2B66FC", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw2x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "23A12ECC-377E-48E3-9AD2-3296E9581D16", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw2x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2561607-9770-4C23-89DD-50B487DA6CBE", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw2x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC3F17B6-FFF9-4118-A7A4-262D3D126953", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw4x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC4CEABA-35D5-4785-A8CA-7216F22A5012", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw4x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8460FAC-6AED-4D6F-A6DB-84A4CC278CA3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw4x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D38C378-9D10-48A8-A8EE-FDBB9BE179CD", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw4x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "08277A58-AE74-43E3-BFD9-10ACFF3180D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdbw4x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC289503-8A59-42A5-97A8-932A1BDA4F00", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdbw4x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9CEDA2A-9E81-46B0-BCBE-CAAB7E050F44", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw5x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E56F8D5-66DA-4186-AF7E-F2691E4A68C3", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw5x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4A2CBF7-C132-4EC2-9243-9892784516C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw5x2x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD926583-99C6-4543-AAE5-CD0DFF0007C5", "versionEndExcluding": "2019-08-18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw5x2x:-:*:*:*:*:*:*:*", "matchCriteriaId": "7924CDDA-609E-4E9A-A8D7-5A5E2973394A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019."}, {"lang": "es", "value": "Algunos productos Dahua presentan el problema de denegaci\u00f3n de servicio durante el proceso de inicio de sesi\u00f3n. Un atacante puede causar que un dispositivo se bloquee mediante la construcci\u00f3n de un paquete malicioso. Entre los productos afectados se incluyen: IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X, IPC-HX, para versiones cuyo tiempo de Compilaci\u00f3n es antes del 18 de Agosto del 2019."}], "id": "CVE-2019-9678", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-18T19:15:11.470", "references": [{"source": "cybersecurity@dahuatech.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.dahuasecurity.com/support/cybersecurity/details/637"}], "sourceIdentifier": "cybersecurity@dahuatech.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}