{"id": "CVE-2017-9315", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-11-28T19:29:00.400", "references": [{"url": "http://www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.html", "tags": ["Vendor Advisory"], "source": "cybersecurity@dahuatech.com"}, {"url": "http://www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker."}, {"lang": "es", "value": ">Los clientes de las c\u00e1maras Dahua IP o IP PTZ podr\u00edan enviar informaci\u00f3n relevante del dispositivo para recibir una contrase\u00f1a temporal limitada temporalmente por un distribuidor autorizado de Dahua para restablecer la contrase\u00f1a de administrador. El algoritmo empleado en este mecanismo est\u00e1 potencialmente en riesgo de verse comprometido y, consecuentemente, empleado por el atacante."}], "lastModified": "2024-11-21T03:35:49.310", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw1xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE24E587-F024-434C-8896-963EF6365DFD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw1xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95768203-C18D-48A4-ABFD-B0CBB1089542"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw1xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2744338-2C47-4AE2-A357-B111413DA3C9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw1xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B4B5CB1-F578-4A34-9134-909EB47A6A79"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdbw1xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3365390-933F-4C20-99E9-F37BF1801757"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdbw1xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F2F39A03-A875-42D4-9F7B-3C8304A47F75"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw2xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B165D7E8-4076-44F2-AF5C-B080BB8DFC99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw2xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "317F6509-E1DE-43B5-934C-12A922B41DDD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw2xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "384003F9-F87D-4E60-B30B-C46AB14CE0E6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw2xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB77CAA7-8DD8-40F2-9E51-F89684D6A529"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdbw2xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD52A575-189E-45CD-8409-60FCFA9C9104"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdbw2xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0C1C5CFD-4478-4A4E-8EFC-831DC6D024A5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw4xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFAF151C-A17E-4285-A67C-4BD0C92DC7BB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw4xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1AFDC39A-E3C1-44F5-B7C8-DF8CADBFD164"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw4xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4505B8FD-484F-469B-A107-E19D6ACA370C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw4xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48919159-9AB6-4E6C-9F52-3DA0C20AD311"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdbw4xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02D448B1-4DEA-417F-A481-8508EC93CE6D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdbw4xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5855375E-7076-4673-ABD6-68D52AC6E3AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hf5xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF482D7C-2E93-484F-B2CF-83A1CD90391A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hf5xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9FA32590-DDA8-4AF7-9726-3AE948169F2C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw5xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "901EB778-1C4C-4263-B7BA-C23FA30F83FD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw5xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "21F950CB-744F-41FF-8AB9-B04D9DD98137"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdw5xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFCB56DD-7E27-497F-89F3-608FB0EEF1A8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdw5xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4F73AB75-CA0C-4637-833F-321E734379AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdbw5xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77CB6549-619B-4073-9285-4D814D5C41DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdbw5xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6A4F9A7-6E9E-4081-8028-3AF07BC3984C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hf8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8956722A-BBF6-4894-A54D-A30719023CE8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hf8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C8CCA2F9-11FA-4628-ABA5-BBDF2AD1B381"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hfw8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B75682D0-F7CE-4C7A-A976-26FB9CB57C6E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hfw8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5CF4396B-731D-4974-A637-DB5DD6BBC118"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hdbw8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "884D3DF3-D215-4F40-844E-EFDA911ECC4A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hdbw8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D317690B-8B4F-4AA6-ACFE-6AD0FBF83019"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-ebw8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "897B0D4B-CFBB-48FB-8E0A-DC2E8AB2C9FA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-ebw8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5974C7A-BDB8-4D70-839E-0610B4CF3ED5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-pfw8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE9E916E-27B1-474F-B8A5-75648C47B10E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-pfw8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "42A9D46F-B7AA-4676-81E3-270E1F75B2FF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:dh-sd2xxxxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0B62AED-E282-4ABB-BE4C-0CA0B220B745"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:dh-sd2xxxxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A0121F6-C477-4807-A363-559D458DF338"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-pdbw8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FEBCB12-C48A-48E3-BADC-796CEBF78D47"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-pdbw8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9482CF5F-E64F-47BF-BC88-D031E954B574"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:ipc-hum8xxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B85237D9-2BB8-4C90-A7F7-F4BDE0C8A023"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:ipc-hum8xxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "59624353-3DC1-4836-8880-CC8C036400C5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:psd8xxxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A55BC8BF-6AEE-498B-8103-557678D6AAF1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:psd8xxxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4CC924F-869B-4441-AECC-62B6F86D6B7D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:dh-sd4xxxxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79A48D20-0206-4D9E-AB6F-5AB5F437012E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:dh-sd4xxxxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "072DC6D9-0089-4A4C-8457-D40E8C189930"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:dh-sd5xxxxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93D6FAE3-3FC2-4E60-98F9-9BE5B3C6001E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:dh-sd5xxxxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "88E0E2DE-11AB-4564-A2C9-A39467688379"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dahuasecurity:dh-sd6xxxxx_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E998E1F-6DF3-49C7-9A03-9C2FCBA3FB23"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dahuasecurity:dh-sd6xxxxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E9E2C4E-4D99-4CB7-B332-EACB5504A752"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cybersecurity@dahuatech.com"}