CVE-2022-4621

Published Jan 17, 2023

Last updated a year ago

CVSS high 8.8

Overview

Description: Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges.
Source: ics-cert@hq.dhs.gov
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

ics-cert@hq.dhs.gov: CWE-352

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:panasonic:vcc-hd5600p_firmware:2.03-06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6092D5A0-D160-419D-9331-474596BDC352"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:panasonic:vcc-hd5600p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BEEE23B6-A8AF-4DFE-8DA4-7F1D8866204E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:panasonic:vcc-hd3300p_firmware:1.02-05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FACF605-7033-4B1A-9BEA-EB73FAC16701"
          },
          {
            "criteria": "cpe:2.3:o:panasonic:vcc-hd3300p_firmware:2.03-08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D068E9E-EF01-4054-A3E5-DEB3D2F88483"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:panasonic:vcc-hd3300p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B47AC573-A35B-4643-A768-6BA516FFC915"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:panasonic:vcc-hd3300_firmware:2.03-02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C8B7EDD-1958-4502-84EA-40AA4D6A7EFB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:panasonic:vcc-hd3300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3F45BFB2-D9FE-4E19-A93C-C527B249421A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:panasonic:vcc-hd2100p_firmware:2.03-02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "175E7140-7D6E-4875-97D1-76F89F0DD0BC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:panasonic:vcc-hd2100p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58EB1D22-E611-4C6D-9208-82E5BD18C4E2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:panasonic:vcc-hd3100p_firmware:2.03-00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "348D6672-A6C5-4C69-B1A6-BC4B8DD3D2C0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:panasonic:vcc-hd3100p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7FEAB1E-2A1F-45F8-B317-CBBE242FFD03"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References