CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6768

A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.5%

CVSS Severity

CVSS v3 Score 8.6

CVSS v2 Score 5.0

References

Products affected by CVE-2020-6768

Bosch » Video Management System » Version: N/A

cpe:2.3:a:bosch:video_management_system:-
Bosch » Video Management System » Version: 10.0

cpe:2.3:a:bosch:video_management_system:10.0
Bosch » Video Management System » Version: 10.0.0.1225

cpe:2.3:a:bosch:video_management_system:10.0.0.1225
Bosch » Video Management System » Version: 3.70.0056

cpe:2.3:a:bosch:video_management_system:3.70.0056
Bosch » Video Management System » Version: 3.70.0058

cpe:2.3:a:bosch:video_management_system:3.70.0058
Bosch » Video Management System » Version: 3.70.0060

cpe:2.3:a:bosch:video_management_system:3.70.0060
Bosch » Video Management System » Version: 3.70.0062

cpe:2.3:a:bosch:video_management_system:3.70.0062
Bosch » Video Management System » Version: 3.71.0022

cpe:2.3:a:bosch:video_management_system:3.71.0022
Bosch » Video Management System » Version: 3.71.0029

cpe:2.3:a:bosch:video_management_system:3.71.0029
Bosch » Video Management System » Version: 3.71.0031

cpe:2.3:a:bosch:video_management_system:3.71.0031
Bosch » Video Management System » Version: 3.71.0032

cpe:2.3:a:bosch:video_management_system:3.71.0032
Bosch » Video Management System » Version: 3.71.0056

cpe:2.3:a:bosch:video_management_system:3.71.0056
Bosch » Video Management System » Version: 3.81.0032

cpe:2.3:a:bosch:video_management_system:3.81.0032
Bosch » Video Management System » Version: 3.81.0038

cpe:2.3:a:bosch:video_management_system:3.81.0038
Bosch » Video Management System » Version: 3.81.0048

cpe:2.3:a:bosch:video_management_system:3.81.0048
Bosch » Video Management System » Version: 7.5

cpe:2.3:a:bosch:video_management_system:7.5
Bosch » Video Management System » Version: 8.0

cpe:2.3:a:bosch:video_management_system:8.0
Bosch » Video Management System » Version: 8.0.0.329

cpe:2.3:a:bosch:video_management_system:8.0.0.329
Bosch » Video Management System » Version: 9.0

cpe:2.3:a:bosch:video_management_system:9.0
Bosch » Video Management System » Version: 9.0.0.827

cpe:2.3:a:bosch:video_management_system:9.0.0.827
Bosch » Video Management System Viewer » Version: N/A

cpe:2.3:a:bosch:video_management_system_viewer:-
Bosch » Video Management System Viewer » Version: 10.0

cpe:2.3:a:bosch:video_management_system_viewer:10.0
Bosch » Video Management System Viewer » Version: 10.0.0.1225

cpe:2.3:a:bosch:video_management_system_viewer:10.0.0.1225
Bosch » Video Management System Viewer » Version: 7.5

cpe:2.3:a:bosch:video_management_system_viewer:7.5
Bosch » Video Management System Viewer » Version: 8.0

cpe:2.3:a:bosch:video_management_system_viewer:8.0
Bosch » Video Management System Viewer » Version: 8.0.329

cpe:2.3:a:bosch:video_management_system_viewer:8.0.329
Bosch » Video Management System Viewer » Version: 9.0

cpe:2.3:a:bosch:video_management_system_viewer:9.0
Bosch » Video Management System Viewer » Version: 9.0.0.827

cpe:2.3:a:bosch:video_management_system_viewer:9.0.0.827
Bosch » Divar Ip 3000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_3000:-
Bosch » Divar Ip 7000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_7000:-
Bosch » Divar Ip All-In-One 5000 » Version: N/A

cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6768

Products

Pricing

Contact Us