cnvd-2019-15935
Vulnerability from cnvd

Title: Schneider Electric NET55XX Encoder访问控制错误漏洞

Description:

Schneider Electric NET55XX Encoder是法国施耐德电气(Schneider Electric)公司的一款视频编码器。

使用2.1.9.7之前版本固件的Schneider Electric NET55XX Encoder存在访问控制错误漏洞。当远程攻击者向编码器webUI发出恶意请求时,可能会对机密性,完整性和可用性产生影响。

Severity:

Patch Name: Schneider Electric NET55XX Encoder访问控制错误漏洞的补丁

Patch Description:

Schneider Electric NET55XX Encoder是法国施耐德电气(Schneider Electric)公司的一款视频编码器。

使用2.1.9.7之前版本固件的Schneider Electric NET55XX Encoder存在访问控制错误漏洞。当远程攻击者向编码器webUI发出恶意请求时,可能会对机密性,完整性和可用性产生影响。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序,请及时关注更新: https://www.schneider-electric.com/en/download/document/SEVD-2019-134-01/

Reference: https://web.nvd.nist.gov//vuln/detail/CVE-2019-6814

Impacted products
Name
Schneider Electric NET55XX Encoder <2.1.9.7
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-6814",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6814"
    }
  },
  "description": "Schneider Electric NET55XX Encoder\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u89c6\u9891\u7f16\u7801\u5668\u3002\n\n\u4f7f\u75282.1.9.7\u4e4b\u524d\u7248\u672c\u56fa\u4ef6\u7684Schneider Electric NET55XX Encoder\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u5f53\u8fdc\u7a0b\u653b\u51fb\u8005\u5411\u7f16\u7801\u5668webUI\u53d1\u51fa\u6076\u610f\u8bf7\u6c42\u65f6\uff0c\u53ef\u80fd\u4f1a\u5bf9\u673a\u5bc6\u6027\uff0c\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u4ea7\u751f\u5f71\u54cd\u3002",
  "discovererName": "Schneider Electric",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.schneider-electric.com/en/download/document/SEVD-2019-134-01/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-15935",
  "openTime": "2019-05-30",
  "patchDescription": "Schneider Electric NET55XX Encoder\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u89c6\u9891\u7f16\u7801\u5668\u3002\r\n\r\n\u4f7f\u75282.1.9.7\u4e4b\u524d\u7248\u672c\u56fa\u4ef6\u7684Schneider Electric NET55XX Encoder\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u5f53\u8fdc\u7a0b\u653b\u51fb\u8005\u5411\u7f16\u7801\u5668webUI\u53d1\u51fa\u6076\u610f\u8bf7\u6c42\u65f6\uff0c\u53ef\u80fd\u4f1a\u5bf9\u673a\u5bc6\u6027\uff0c\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u4ea7\u751f\u5f71\u54cd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Schneider Electric NET55XX Encoder\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider Electric NET55XX Encoder \u003c2.1.9.7"
  },
  "referenceLink": "https://web.nvd.nist.gov//vuln/detail/CVE-2019-6814",
  "serverity": "\u9ad8",
  "submitTime": "2019-05-22",
  "title": "Schneider Electric NET55XX Encoder\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.