CVE-2023-6894
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-248253 was assigned to this vulnerability.
Affected (1)
Products: Hikvision: Intercom Broadcast System
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 3.0.3 to 4.1.0 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds Kd Bk | All versions |
Hikvision Ds Kd Dis | All versions |
Hikvision Ds Kd E | All versions |
Hikvision Ds Kd In | All versions |
Hikvision Ds Kd Info | All versions |
Hikvision Ds Kd Kk | All versions |
Hikvision Ds Kd Kk/s | All versions |
Hikvision Ds Kd Kp | All versions |
Hikvision Ds Kd Kp/s | All versions |
Hikvision Ds Kd M | All versions |
Hikvision Ds Kd3003 E6 | All versions |
Hikvision Ds Kd8003ime1(b) | All versions |
Hikvision Ds Kd8003ime1(b)/flush | All versions |
Hikvision Ds Kd8003ime1(b)/ns | All versions |
Hikvision Ds Kd8003ime1(b)/s | All versions |
Hikvision Ds Kd8003ime1(b)/surface | All versions |
Hikvision Ds Kh6220 Le1 | All versions |
Hikvision Ds Kh6320 Le1 | All versions |
Hikvision Ds Kh6320 Tde1 | All versions |
Hikvision Ds Kh6320 Te1 | All versions |
Hikvision Ds Kh6320 Wtde1 | All versions |
Hikvision Ds Kh6320 Wte1 | All versions |
Hikvision Ds Kh6350 Wte1 | All versions |
Hikvision Ds Kh6351 Te1 | All versions |
Hikvision Ds Kh6351 Wte1 | All versions |
Hikvision Ds Kh63le1(b) | All versions |
Hikvision Ds Kh8520 Wte1 | All versions |
Hikvision Ds Kh9310 Wte1(b) | All versions |
Hikvision Ds Kh9510 Wte1(b) | All versions |
References (6)
Source: cna@vuldb.com
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Timeline
No history available yet.