CVE-2019-6958

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as "CWE-284: Improper Access Control." This vulnerability, for example, allows a potential attacker to delete video or read video data.

CVSS v3.0 9.1 CRITICAL
CVSS v2.0 6.4 MEDIUM

9.1^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0404bt-cve-2019-6958_security_advisory_improper_access_control.pdf	Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:bosch:bosch_video_management_system::::::::
	cpe:2.3:a:bosch:access_professional_edition::::::::
	cpe:2.3:a:bosch:building_integration_system::::::::
	cpe:2.3:a:bosch:building_integration_system:4.5:::::::*
	cpe:2.3:a:bosch:building_integration_system:4.6:::::::*
	cpe:2.3:a:bosch:building_integration_system:4.6.1:::::::*
	cpe:2.3:a:bosch:bosch_video_client::::::::
	cpe:2.3:a:bosch:video_sdk::::::::
	cpe:2.3:a:bosch:configuration_manager::::::::

Configuration 2 (hide)

AND

cpe:2.3:o:bosch:dip_2000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bosch:dip_2000:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:bosch:dip_3000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:bosch:dip_3000:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:bosch:dip_5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bosch:dip_5000:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:bosch:dip_7000_firmware:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:bosch:dip_7000:gen1:::::::*
	cpe:2.3:h:bosch:dip_7000:gen2:::::::*

Configuration 6 (hide)

AND

OR	cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.8.5:::::::*
	cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.0:::::::*
	cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.1:::::::*
	cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.3:::::::*

cpe:2.3:h:bosch:access_easy_controller:-:*:*:*:*:*:*:*

Information

Published : 2019-05-29 12:29

Updated : 2023-01-31 13:04

NVD link : CVE-2019-6958

Mitre link : CVE-2019-6958

JSON object : View

CWE

CWE-306

Missing Authentication for Critical Function

Products Affected

bosch

dip_2000
dip_3000_firmware
access_easy_controller
dip_5000_firmware
dip_3000
dip_7000_firmware
configuration_manager
bosch_video_client
video_sdk
dip_5000
dip_2000_firmware
access_professional_edition
dip_7000
access_easy_controller_firmware
building_integration_system
bosch_video_management_system

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0404bt-cve-2019-6958_security_advisory_improper_access_control.pdf", "name": "https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0404bt-cve-2019-6958_security_advisory_improper_access_control.pdf", "tags": ["Mitigation", "Vendor Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as \"CWE-284: Improper Access Control.\" This vulnerability, for example, allows a potential attacker to delete video or read video data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-306"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-6958", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}}, "publishedDate": "2019-05-29T19:29Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "9.0"}, {"cpe23Uri": "cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.7", "versionStartIncluding": "3.0"}, {"cpe23Uri": "cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.4", "versionStartIncluding": "2.2"}, {"cpe23Uri": "cpe:2.3:a:bosch:building_integration_system:4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:bosch:building_integration_system:4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:bosch:building_integration_system:4.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:bosch:bosch_video_client:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.7.6.079"}, {"cpe23Uri": "cpe:2.3:a:bosch:video_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.32.0099"}, {"cpe23Uri": "cpe:2.3:a:bosch:configuration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.10"}]}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bosch:dip_2000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0380.037"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bosch:dip_2000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bosch:dip_3000_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bosch:dip_3000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bosch:dip_5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "038.037"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bosch:dip_5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bosch:dip_7000_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bosch:dip_7000:gen1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:bosch:dip_7000:gen2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bosch:access_easy_controller:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-01-31T21:04Z"}

9.1 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

6.4 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2019-6958

9.1^/10

6.4^/10

Attach tags to `CVE-2019-6958`