exploitDog

CVE-2015-8253

Опубликовано: 27 дек. 2015

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (2) MJPEG video data by sniffing the network.

Ссылки

http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/
Exploit
https://www.kb.cert.org/vuls/id/792004
Third Party Advisory
US Government Resource
http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/
Exploit
https://www.kb.cert.org/vuls/id/792004
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rsi_video_technologies:frontel_protocol:*:*:*:*:*:*:*:*

Версия до 2.0 (включая)

EPSS

Процентиль: 53%

0.00303

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-j335-v6vv-vx7c

CVSS3: 3.7

github

больше 3 лет назад

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (2) MJPEG video data by sniffing the network.

EPSS

Процентиль: 53%

0.00303

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200