CVE-2019-11684

26.02.2021, 16:15

Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.9 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
mitre	CNA	9.9 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 43%

Vendor	Product	Version
bosch	video_recording_manager	3.70 ≤ 𝑥 < 3.71.0034
bosch	video_recording_manager	3.81 ≤ 𝑥 < 3.81.0050
bosch	divar_ip_5000_firmware	3.80 ≤ 𝑥 < 3.80.0039
bosch	video_management_system	3.70.0056
bosch	video_management_system	3.70.0058
bosch	video_management_system	3.70.0060
bosch	video_management_system	3.70.0062
bosch	video_management_system	3.71.0022
bosch	video_management_system	3.71.0029
bosch	video_management_system	3.71.0031
bosch	video_management_system	3.71.0032
bosch	video_management_system	3.81.0032
bosch	video_management_system	3.81.0038
bosch	video_management_system	3.81.0048

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-306 - Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References

https://psirt.bosch.com/security-advisories/bosch-sa-804652.html