CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11684

Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.1%

CVSS Severity

CVSS v3 Score 9.9

CVSS v2 Score 10.0

References

Products affected by CVE-2019-11684

Bosch » Video Management System » Version: 3.70.0056

cpe:2.3:a:bosch:video_management_system:3.70.0056
Bosch » Video Management System » Version: 3.70.0058

cpe:2.3:a:bosch:video_management_system:3.70.0058
Bosch » Video Management System » Version: 3.70.0060

cpe:2.3:a:bosch:video_management_system:3.70.0060
Bosch » Video Management System » Version: 3.70.0062

cpe:2.3:a:bosch:video_management_system:3.70.0062
Bosch » Video Management System » Version: 3.71.0022

cpe:2.3:a:bosch:video_management_system:3.71.0022
Bosch » Video Management System » Version: 3.71.0029

cpe:2.3:a:bosch:video_management_system:3.71.0029
Bosch » Video Management System » Version: 3.71.0031

cpe:2.3:a:bosch:video_management_system:3.71.0031
Bosch » Video Management System » Version: 3.71.0032

cpe:2.3:a:bosch:video_management_system:3.71.0032
Bosch » Video Management System » Version: 3.81.0032

cpe:2.3:a:bosch:video_management_system:3.81.0032
Bosch » Video Management System » Version: 3.81.0038

cpe:2.3:a:bosch:video_management_system:3.81.0038
Bosch » Video Management System » Version: 3.81.0048

cpe:2.3:a:bosch:video_management_system:3.81.0048
Bosch » Video Recording Manager » Version: 3.70

cpe:2.3:a:bosch:video_recording_manager:3.70
Bosch » Video Recording Manager » Version: 3.70.0056

cpe:2.3:a:bosch:video_recording_manager:3.70.0056
Bosch » Video Recording Manager » Version: 3.70.0058

cpe:2.3:a:bosch:video_recording_manager:3.70.0058
Bosch » Video Recording Manager » Version: 3.70.0060

cpe:2.3:a:bosch:video_recording_manager:3.70.0060
Bosch » Video Recording Manager » Version: 3.70.0062

cpe:2.3:a:bosch:video_recording_manager:3.70.0062
Bosch » Video Recording Manager » Version: 3.71

cpe:2.3:a:bosch:video_recording_manager:3.71
Bosch » Video Recording Manager » Version: 3.71.0022

cpe:2.3:a:bosch:video_recording_manager:3.71.0022
Bosch » Video Recording Manager » Version: 3.71.0029

cpe:2.3:a:bosch:video_recording_manager:3.71.0029
Bosch » Video Recording Manager » Version: 3.71.0031

cpe:2.3:a:bosch:video_recording_manager:3.71.0031
Bosch » Video Recording Manager » Version: 3.71.0032

cpe:2.3:a:bosch:video_recording_manager:3.71.0032
Bosch » Video Recording Manager » Version: 3.81

cpe:2.3:a:bosch:video_recording_manager:3.81
Bosch » Video Recording Manager » Version: 3.81.0032

cpe:2.3:a:bosch:video_recording_manager:3.81.0032
Bosch » Video Recording Manager » Version: 3.81.0038

cpe:2.3:a:bosch:video_recording_manager:3.81.0038
Bosch » Video Recording Manager » Version: 3.81.0048

cpe:2.3:a:bosch:video_recording_manager:3.81.0048
Bosch » Divar Ip 5000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_5000:-
Bosch » Divar Ip 5000 Firmware » Version: 3.80

cpe:2.3:o:bosch:divar_ip_5000_firmware:3.80
Bosch » Divar Ip 5000 Firmware » Version: 3.80.0033

cpe:2.3:o:bosch:divar_ip_5000_firmware:3.80.0033
Bosch » Divar Ip 5000 Firmware » Version: 3.80.0035

cpe:2.3:o:bosch:divar_ip_5000_firmware:3.80.0035
Bosch » Divar Ip 5000 Firmware » Version: 3.80.0037

cpe:2.3:o:bosch:divar_ip_5000_firmware:3.80.0037

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11684

Products

Pricing

Contact Us