CVE-2021-23847
Summary
| CVE | CVE-2021-23847 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-06-09 15:15:00 UTC |
| Updated | 2021-06-22 13:36:00 UTC |
| Description | A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected. |
Risk And Classification
Problem Types: CWE-306
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Bosch | Cpp6 | - | All | All | All |
| Operating System | Bosch | Cpp6 Firmware | All | All | All | All |
| Operating System | Bosch | Cpp6 Firmware | 7.70 | All | All | All |
| Operating System | Bosch | Cpp6 Firmware | 7.72 | All | All | All |
| Hardware | Bosch | Cpp7 | - | All | All | All |
| Hardware | Bosch | Cpp7.3 | - | All | All | All |
| Operating System | Bosch | Cpp7.3 Firmware | All | All | All | All |
| Operating System | Bosch | Cpp7.3 Firmware | 7.70 | All | All | All |
| Operating System | Bosch | Cpp7.3 Firmware | 7.72 | All | All | All |
| Operating System | Bosch | Cpp7 Firmware | All | All | All | All |
| Operating System | Bosch | Cpp7 Firmware | 7.70 | All | All | All |
| Operating System | Bosch | Cpp7 Firmware | 7.72 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Internet Archive: Scheduled Maintenance | CONFIRM | psirt.bosch.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.