1. CVE-Search
  2. CVE-2023-28808
ID CVE-2023-28808
Summary Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
References
Vulnerable Configurations
  • cpe:2.3:o:hikvision:ds-a71024_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71024_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71024_firmware:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71024_firmware:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71024_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71024_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a71024:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a71024:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71048_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71048_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71048_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71048_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a71048:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a71048:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71072r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71072r_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71072r_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71072r_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a71072r:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a71072r:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a80624s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a80624s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a80624s_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a80624s_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a80624s:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a80624s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a81016s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a81016s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a81016s_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a81016s_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a81016s:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a81016s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a72024_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a72024_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a72024_firmware:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a72024_firmware:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a72024_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a72024_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a72024:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a72024:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a72072r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a72072r_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a72072r:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a72072r:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a80316s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a80316s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a80316s_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a80316s_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a80316s:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a80316s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a82024d_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a82024d_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a82024d_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a82024d_firmware:2.3.8-6:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a82024d:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a82024d:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71048r-cvs_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71048r-cvs_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a71048r-cvs_firmware:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a71048r-cvs_firmware:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:h:hikvision:ds-a71048r-cvs:-:*:*:*:*:*:*:*
    cpe:2.3:h:hikvision:ds-a71048r-cvs:-:*:*:*:*:*:*:*
  • cpe:2.3:o:hikvision:ds-a72072r_firmware:2.3.8-6:*:*:*:*:*:*:*
    cpe:2.3:o:hikvision:ds-a72072r_firmware:2.3.8-6:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 24-04-2023 - 13:50
Published 11-04-2023 - 21:15
Last modified 24-04-2023 - 13:50
Back to Top