CVE-2023-28809
15.06.2023, 19:15
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.Enginsight
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-k1t320efwx_firmware | - |
| hikvision | ds-k1t320efx_firmware | - |
| hikvision | ds-k1t320ewx_firmware | - |
| hikvision | ds-k1t320ex_firmware | - |
| hikvision | ds-k1t320mfwx_firmware | - |
| hikvision | ds-k1t320mfx_firmware | - |
| hikvision | ds-k1t320mwx_firmware | - |
| hikvision | ds-k1t320mx_firmware | - |
| hikvision | ds-k1t341am_firmware | - |
| hikvision | ds-k1t341amf_firmware | - |
| hikvision | ds-k1t341cm_firmware | - |
| hikvision | ds-k1t343ewx_firmware | - |
| hikvision | ds-k1t343ex_firmware | - |
| hikvision | ds-k1t343mwx_firmware | - |
| hikvision | ds-k1t343mx_firmware | - |
| hikvision | ds-k1t671_firmware | - |
| hikvision | ds-k1t671m_firmware | - |
| hikvision | ds-k1t671mf_firmware | - |
| hikvision | ds-k1t671t_firmware | - |
| hikvision | ds-k1t671tm_firmware | - |
| hikvision | ds-k1t671tm-3xf_firmware | - |
| hikvision | ds-k1t671tmf_firmware | - |
| hikvision | ds-k1t671tmfw_firmware | - |
| hikvision | ds-k1t671tmw_firmware | - |
| hikvision | ds-k1t804af_firmware | - |
| hikvision | ds-k1t804amf_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-284 - Improper Access ControlThe software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
- CWE-384 - Session FixationAuthenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
References