CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-21415

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.4%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-21415

Axis » Axis Os » Version: 11.0.103

cpe:2.3:o:axis:axis_os:11.0.103
Axis » Axis Os » Version: 11.0.104

cpe:2.3:o:axis:axis_os:11.0.104
Axis » Axis Os » Version: 11.0.108

cpe:2.3:o:axis:axis_os:11.0.108
Axis » Axis Os » Version: 11.0.89

cpe:2.3:o:axis:axis_os:11.0.89
Axis » Axis Os » Version: 11.0.93

cpe:2.3:o:axis:axis_os:11.0.93
Axis » Axis Os » Version: 11.0.95

cpe:2.3:o:axis:axis_os:11.0.95
Axis » Axis Os » Version: 11.0.99

cpe:2.3:o:axis:axis_os:11.0.99
Axis » Axis Os » Version: 11.1.55

cpe:2.3:o:axis:axis_os:11.1.55
Axis » Axis Os » Version: 11.1.61

cpe:2.3:o:axis:axis_os:11.1.61
Axis » Axis Os » Version: 11.1.65

cpe:2.3:o:axis:axis_os:11.1.65
Axis » Axis Os » Version: 11.1.72

cpe:2.3:o:axis:axis_os:11.1.72
Axis » Axis Os » Version: 11.2.53

cpe:2.3:o:axis:axis_os:11.2.53
Axis » Axis Os » Version: 11.2.61

cpe:2.3:o:axis:axis_os:11.2.61
Axis » Axis Os » Version: 11.2.64

cpe:2.3:o:axis:axis_os:11.2.64
Axis » Axis Os » Version: 11.2.66

cpe:2.3:o:axis:axis_os:11.2.66
Axis » Axis Os » Version: 11.2.68

cpe:2.3:o:axis:axis_os:11.2.68
Axis » Axis Os » Version: 11.2.71

cpe:2.3:o:axis:axis_os:11.2.71
Axis » Axis Os » Version: 11.3.57

cpe:2.3:o:axis:axis_os:11.3.57
Axis » Axis Os » Version: 11.3.70

cpe:2.3:o:axis:axis_os:11.3.70
Axis » Axis Os » Version: 11.3.71

cpe:2.3:o:axis:axis_os:11.3.71
Axis » Axis Os » Version: 11.3.74

cpe:2.3:o:axis:axis_os:11.3.74
Axis » Axis Os » Version: 11.4.52

cpe:2.3:o:axis:axis_os:11.4.52
Axis » Axis Os » Version: 11.4.63

cpe:2.3:o:axis:axis_os:11.4.63
Axis » Axis Os » Version: 11.4.69

cpe:2.3:o:axis:axis_os:11.4.69
Axis » Axis Os » Version: 11.4.74

cpe:2.3:o:axis:axis_os:11.4.74
Axis » Axis Os » Version: 11.5.54

cpe:2.3:o:axis:axis_os:11.5.54
Axis » Axis Os » Version: 11.5.64

cpe:2.3:o:axis:axis_os:11.5.64
Axis » Axis Os » Version: 11.5.70

cpe:2.3:o:axis:axis_os:11.5.70
Axis » Axis Os » Version: 11.5.72

cpe:2.3:o:axis:axis_os:11.5.72
Axis » Axis Os » Version: 11.5.75

cpe:2.3:o:axis:axis_os:11.5.75
Axis » Axis Os » Version: 11.5.77

cpe:2.3:o:axis:axis_os:11.5.77
Axis » Axis Os » Version: 11.5.81

cpe:2.3:o:axis:axis_os:11.5.81
Axis » Axis Os » Version: 6.50.5.10

cpe:2.3:o:axis:axis_os:6.50.5.10
Axis » Axis Os » Version: 6.50.5.11

cpe:2.3:o:axis:axis_os:6.50.5.11
Axis » Axis Os » Version: 6.50.5.12

cpe:2.3:o:axis:axis_os:6.50.5.12
Axis » Axis Os » Version: 6.50.5.13

cpe:2.3:o:axis:axis_os:6.50.5.13
Axis » Axis Os » Version: 6.50.5.3

cpe:2.3:o:axis:axis_os:6.50.5.3
Axis » Axis Os » Version: 6.50.5.4

cpe:2.3:o:axis:axis_os:6.50.5.4
Axis » Axis Os » Version: 6.50.5.5

cpe:2.3:o:axis:axis_os:6.50.5.5
Axis » Axis Os » Version: 6.50.5.6

cpe:2.3:o:axis:axis_os:6.50.5.6
Axis » Axis Os » Version: 6.50.5.7

cpe:2.3:o:axis:axis_os:6.50.5.7
Axis » Axis Os » Version: 6.50.5.8

cpe:2.3:o:axis:axis_os:6.50.5.8
Axis » Axis Os 2016 » Version: 6.50.2

cpe:2.3:o:axis:axis_os_2016:6.50.2
Axis » Axis Os 2016 » Version: 6.50.3

cpe:2.3:o:axis:axis_os_2016:6.50.3
Axis » Axis Os 2016 » Version: 6.50.3.1

cpe:2.3:o:axis:axis_os_2016:6.50.3.1
Axis » Axis Os 2016 » Version: 6.50.4

cpe:2.3:o:axis:axis_os_2016:6.50.4
Axis » Axis Os 2016 » Version: 6.50.4.1

cpe:2.3:o:axis:axis_os_2016:6.50.4.1
Axis » Axis Os 2016 » Version: 6.50.4.2

cpe:2.3:o:axis:axis_os_2016:6.50.4.2
Axis » Axis Os 2016 » Version: 6.50.5

cpe:2.3:o:axis:axis_os_2016:6.50.5
Axis » Axis Os 2016 » Version: 6.50.5.1

cpe:2.3:o:axis:axis_os_2016:6.50.5.1
Axis » Axis Os 2018 » Version: 8.40.2

cpe:2.3:o:axis:axis_os_2018:8.40.2
Axis » Axis Os 2018 » Version: 8.40.2.1

cpe:2.3:o:axis:axis_os_2018:8.40.2.1
Axis » Axis Os 2018 » Version: 8.40.2.2

cpe:2.3:o:axis:axis_os_2018:8.40.2.2
Axis » Axis Os 2018 » Version: 8.40.3

cpe:2.3:o:axis:axis_os_2018:8.40.3
Axis » Axis Os 2018 » Version: 8.40.3.1

cpe:2.3:o:axis:axis_os_2018:8.40.3.1
Axis » Axis Os 2018 » Version: 8.40.3.2

cpe:2.3:o:axis:axis_os_2018:8.40.3.2
Axis » Axis Os 2018 » Version: 8.40.3.3

cpe:2.3:o:axis:axis_os_2018:8.40.3.3
Axis » Axis Os 2018 » Version: 8.40.4

cpe:2.3:o:axis:axis_os_2018:8.40.4
Axis » Axis Os 2018 » Version: 8.40.4.1

cpe:2.3:o:axis:axis_os_2018:8.40.4.1
Axis » Axis Os 2018 » Version: 8.40.4.2

cpe:2.3:o:axis:axis_os_2018:8.40.4.2
Axis » Axis Os 2018 » Version: 8.40.4.3

cpe:2.3:o:axis:axis_os_2018:8.40.4.3
Axis » Axis Os 2018 » Version: 8.40.4.4

cpe:2.3:o:axis:axis_os_2018:8.40.4.4
Axis » Axis Os 2020 » Version: 9.80.2

cpe:2.3:o:axis:axis_os_2020:9.80.2
Axis » Axis Os 2020 » Version: 9.80.2.2

cpe:2.3:o:axis:axis_os_2020:9.80.2.2
Axis » Axis Os 2020 » Version: 9.80.2.3

cpe:2.3:o:axis:axis_os_2020:9.80.2.3
Axis » Axis Os 2020 » Version: 9.80.2.4

cpe:2.3:o:axis:axis_os_2020:9.80.2.4
Axis » Axis Os 2020 » Version: 9.80.3

cpe:2.3:o:axis:axis_os_2020:9.80.3
Axis » Axis Os 2020 » Version: 9.80.3.1

cpe:2.3:o:axis:axis_os_2020:9.80.3.1
Axis » Axis Os 2020 » Version: 9.80.3.2

cpe:2.3:o:axis:axis_os_2020:9.80.3.2
Axis » Axis Os 2020 » Version: 9.80.3.3

cpe:2.3:o:axis:axis_os_2020:9.80.3.3
Axis » Axis Os 2020 » Version: 9.80.3.4

cpe:2.3:o:axis:axis_os_2020:9.80.3.4
Axis » Axis Os 2020 » Version: 9.80.3.5

cpe:2.3:o:axis:axis_os_2020:9.80.3.5
Axis » Axis Os 2020 » Version: 9.80.3.6

cpe:2.3:o:axis:axis_os_2020:9.80.3.6
Axis » Axis Os 2022 » Version: N/A

cpe:2.3:o:axis:axis_os_2022:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-21415

Products

Pricing

Contact Us