CVE-2021-27392

N/A

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server.

N/A

使用硬编码的密码学密钥

Siemens Open Network Bridge 信任管理问题漏洞

Siemens Milestone Open Network Bridge是德国西门子（Siemens）公司的一个应用软件。提供一个支持onvif的接口。 Open Network Bridge存在安全漏洞，该漏洞源于Open Network Bridge ONVIF客户端和ONVIF服务器之间的身份验证存储用户凭据，使用硬编码的密钥，这可以允许经过身份验证的远程攻击者检索和解密存储在ONVIF服务器上的所有凭据。以下产品及版本受到影响： Open Network Bridge 22020 R3、 Ope

N/A

N/A