Lucene search

[email protected]CVE-2022-45431

HistoryDec 27, 2022 - 6:15 p.m.

CVE-2022-45431

2022-12-2718:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2022-45431

dahua

remote dss server

unauthenticated restart

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

39.5%

JSON

Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server.

CPENameOperatorVersion
dahuasecurity:dhi-dss7016d-s2_firmwaredahuasecurity dhi-dss7016d-s2 firmwareeq1.001.0000001.2
dahuasecurity:dhi-dss7016d-s2_firmwaredahuasecurity dhi-dss7016d-s2 firmwareeq8.0.2
dahuasecurity:dhi-dss7016d-s2_firmwaredahuasecurity dhi-dss7016d-s2 firmwareeq8.0.4
dahuasecurity:dhi-dss7016d-s2_firmwaredahuasecurity dhi-dss7016d-s2 firmwareeq8.1
dahuasecurity:dhi-dss7016dr-s2_firmwaredahuasecurity dhi-dss7016dr-s2 firmwareeq1.001.0000001.2
dahuasecurity:dhi-dss7016dr-s2_firmwaredahuasecurity dhi-dss7016dr-s2 firmwareeq8.0.2
dahuasecurity:dhi-dss7016dr-s2_firmwaredahuasecurity dhi-dss7016dr-s2 firmwareeq8.0.4
dahuasecurity:dhi-dss7016dr-s2_firmwaredahuasecurity dhi-dss7016dr-s2 firmwareeq8.1
dahuasecurity:dhi-dss4004-s2_firmwaredahuasecurity dhi-dss4004-s2 firmwareeq1.001.0000001.2
dahuasecurity:dhi-dss4004-s2_firmwaredahuasecurity dhi-dss4004-s2 firmwareeq8.0.2

CPE	Name	Operator	Version
dahuasecurity:dhi-dss7016d-s2_firmware	dahuasecurity dhi-dss7016d-s2 firmware	eq	1.001.0000001.2
dahuasecurity:dhi-dss7016d-s2_firmware	dahuasecurity dhi-dss7016d-s2 firmware	eq	8.0.2
dahuasecurity:dhi-dss7016d-s2_firmware	dahuasecurity dhi-dss7016d-s2 firmware	eq	8.0.4
dahuasecurity:dhi-dss7016d-s2_firmware	dahuasecurity dhi-dss7016d-s2 firmware	eq	8.1
dahuasecurity:dhi-dss7016dr-s2_firmware	dahuasecurity dhi-dss7016dr-s2 firmware	eq	1.001.0000001.2
dahuasecurity:dhi-dss7016dr-s2_firmware	dahuasecurity dhi-dss7016dr-s2 firmware	eq	8.0.2
dahuasecurity:dhi-dss7016dr-s2_firmware	dahuasecurity dhi-dss7016dr-s2 firmware	eq	8.0.4
dahuasecurity:dhi-dss7016dr-s2_firmware	dahuasecurity dhi-dss7016dr-s2 firmware	eq	8.1
dahuasecurity:dhi-dss4004-s2_firmware	dahuasecurity dhi-dss4004-s2 firmware	eq	1.001.0000001.2
dahuasecurity:dhi-dss4004-s2_firmware	dahuasecurity dhi-dss4004-s2 firmware	eq	8.0.2

Rows per page:

1-10 of 221

References

www.dahuasecurity.com/support/cybersecurity/details/1137

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

39.5%

JSON

Related for CVE-2022-45431

cvelist1 prion1