A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.
References
Link | Resource |
---|---|
https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: bosch
Published: 2021-05-20T00:00:00
Updated: 2021-06-09T14:19:47
Reserved: 2021-01-12T00:00:00
Link: CVE-2021-23847
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-09T15:15:08.187
Modified: 2021-06-22T13:36:37.013
Link: CVE-2021-23847
JSON object: View
Redhat Information
No data.