CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6767

A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.4%

CVSS Severity

CVSS v3 Score 7.7

CVSS v2 Score 4.0

References

Products affected by CVE-2020-6767

Bosch » Video Management System » Version: N/A

cpe:2.3:a:bosch:video_management_system:-
Bosch » Video Management System » Version: 10.0

cpe:2.3:a:bosch:video_management_system:10.0
Bosch » Video Management System » Version: 10.0.0.1225

cpe:2.3:a:bosch:video_management_system:10.0.0.1225
Bosch » Video Management System » Version: 3.70.0056

cpe:2.3:a:bosch:video_management_system:3.70.0056
Bosch » Video Management System » Version: 3.70.0058

cpe:2.3:a:bosch:video_management_system:3.70.0058
Bosch » Video Management System » Version: 3.70.0060

cpe:2.3:a:bosch:video_management_system:3.70.0060
Bosch » Video Management System » Version: 3.70.0062

cpe:2.3:a:bosch:video_management_system:3.70.0062
Bosch » Video Management System » Version: 3.71.0022

cpe:2.3:a:bosch:video_management_system:3.71.0022
Bosch » Video Management System » Version: 3.71.0029

cpe:2.3:a:bosch:video_management_system:3.71.0029
Bosch » Video Management System » Version: 3.71.0031

cpe:2.3:a:bosch:video_management_system:3.71.0031
Bosch » Video Management System » Version: 3.71.0032

cpe:2.3:a:bosch:video_management_system:3.71.0032
Bosch » Video Management System » Version: 3.71.0056

cpe:2.3:a:bosch:video_management_system:3.71.0056
Bosch » Video Management System » Version: 3.81.0032

cpe:2.3:a:bosch:video_management_system:3.81.0032
Bosch » Video Management System » Version: 3.81.0038

cpe:2.3:a:bosch:video_management_system:3.81.0038
Bosch » Video Management System » Version: 3.81.0048

cpe:2.3:a:bosch:video_management_system:3.81.0048
Bosch » Video Management System » Version: 7.5

cpe:2.3:a:bosch:video_management_system:7.5
Bosch » Video Management System » Version: 8.0

cpe:2.3:a:bosch:video_management_system:8.0
Bosch » Video Management System » Version: 8.0.0.329

cpe:2.3:a:bosch:video_management_system:8.0.0.329
Bosch » Video Management System » Version: 9.0

cpe:2.3:a:bosch:video_management_system:9.0
Bosch » Video Management System » Version: 9.0.0.827

cpe:2.3:a:bosch:video_management_system:9.0.0.827
Bosch » Video Management System Viewer » Version: N/A

cpe:2.3:a:bosch:video_management_system_viewer:-
Bosch » Video Management System Viewer » Version: 10.0

cpe:2.3:a:bosch:video_management_system_viewer:10.0
Bosch » Video Management System Viewer » Version: 10.0.0.1225

cpe:2.3:a:bosch:video_management_system_viewer:10.0.0.1225
Bosch » Video Management System Viewer » Version: 7.5

cpe:2.3:a:bosch:video_management_system_viewer:7.5
Bosch » Video Management System Viewer » Version: 8.0

cpe:2.3:a:bosch:video_management_system_viewer:8.0
Bosch » Video Management System Viewer » Version: 8.0.329

cpe:2.3:a:bosch:video_management_system_viewer:8.0.329
Bosch » Video Management System Viewer » Version: 9.0

cpe:2.3:a:bosch:video_management_system_viewer:9.0
Bosch » Video Management System Viewer » Version: 9.0.0.827

cpe:2.3:a:bosch:video_management_system_viewer:9.0.0.827
Bosch » Divar Ip 3000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_3000:-
Bosch » Divar Ip 7000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_7000:-
Bosch » Divar Ip All-In-One 5000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6767

Products

Pricing

Contact Us