Vulnerability Details CVE-2023-28175
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.9%
CVSS Severity
CVSS v3 Score 7.1
References
Products affected by CVE-2023-28175
-
cpe:2.3:a:bosch:video_management_system:10.0
-
cpe:2.3:a:bosch:video_management_system:10.0.0.1225
-
cpe:2.3:a:bosch:video_management_system:10.0.1
-
cpe:2.3:a:bosch:video_management_system:10.1
-
cpe:2.3:a:bosch:video_management_system:10.1.0
-
cpe:2.3:a:bosch:video_management_system:7.5
-
cpe:2.3:a:bosch:video_management_system:8.0
-
cpe:2.3:a:bosch:video_management_system:8.0.0.329
-
cpe:2.3:a:bosch:video_management_system:9.0
-
cpe:2.3:a:bosch:video_management_system:9.0.0.827
-
cpe:2.3:a:bosch:video_management_system_viewer:10.0
-
cpe:2.3:a:bosch:video_management_system_viewer:10.0.0.1225
-
cpe:2.3:a:bosch:video_management_system_viewer:7.5
-
cpe:2.3:a:bosch:video_management_system_viewer:8.0
-
cpe:2.3:a:bosch:video_management_system_viewer:8.0.329
-
cpe:2.3:a:bosch:video_management_system_viewer:9.0
-
cpe:2.3:a:bosch:video_management_system_viewer:9.0.0.827
-
cpe:2.3:h:bosch:divar_ip_3000:-
-
cpe:2.3:h:bosch:divar_ip_4000:-
-
cpe:2.3:h:bosch:divar_ip_5000:-
-
cpe:2.3:h:bosch:divar_ip_6000:-
-
cpe:2.3:h:bosch:divar_ip_7000:-
-
cpe:2.3:h:bosch:divar_ip_7000_r2:-
-
cpe:2.3:h:bosch:divar_ip_7000_r3:-
-
cpe:2.3:o:bosch:divar_ip_3000_firmware:*
-
cpe:2.3:o:bosch:divar_ip_4000_firmware:11.1.1
-
cpe:2.3:o:bosch:divar_ip_5000_firmware:*
-
cpe:2.3:o:bosch:divar_ip_6000_firmware:11.1.1
-
cpe:2.3:o:bosch:divar_ip_7000_firmware:*
-
cpe:2.3:o:bosch:divar_ip_7000_r2_firmware:*
-
cpe:2.3:o:bosch:divar_ip_7000_r3_firmware:*