CVE-2019-14709

Published: Aug 6, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.

Affected (3)

Products: Microdigital: Mdc N4090 Firmware, Mdc N4090w Firmware, Mdc N2190v Firmware

3 products

Mdc N4090 Firmware

Mdc N4090w Firmware

Mdc N2190v Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Microdigital Mdc N4090 Firmware	Up to 6400.0.8.5

Running on/with	Platform Versions
Microdigital Mdc N4090	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Microdigital Mdc N4090w Firmware	Up to 6400.0.8.5

Running on/with	Platform Versions
Microdigital Mdc N4090w	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Microdigital Mdc N2190v Firmware	Up to 6400.0.8.5

Running on/with	Platform Versions
Microdigital Mdc N2190v	All versions

Related CWEs

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (6)

http://www.microdigital.co.kr/

Source: cve@mitre.org

Vendor Advisory

https://pastebin.com/PSyqqs1g

Source: cve@mitre.org

Not ApplicableThird Party Advisory

https://www.microdigital.ru/

Source: cve@mitre.org

Vendor Advisory

http://www.microdigital.co.kr/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://pastebin.com/PSyqqs1g

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableThird Party Advisory

https://www.microdigital.ru/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.