The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to see FTP credentials in a cleartext HTTP traffic. These can be used for FTP access to the server.
References
Configurations
Configuration 1 (hide)
AND |
|
History
28 Jul 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2022-07-21 16:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-28861
Mitre link : CVE-2022-28861
CVE.ORG link : CVE-2022-28861
JSON object : View
Products Affected
axis
- m1125
citilog
- citilog
CWE
CWE-319
Cleartext Transmission of Sensitive Information