CVE-2014-3895

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-3895

6.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

T

he I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors.

References
Link Resource
http://jvn.jp/en/jp/JVN94592501/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000087
http://www.iodata.jp/support/information/2014/qwatch/ Vendor Advisory
http://jvn.jp/en/jp/JVN94592501/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000087
http://www.iodata.jp/support/information/2014/qwatch/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:iodata:ts-wlcam\/v_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wlcam\/v_camera:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:iodata:ts-wptcam_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wptcam_camera:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:iodata:ts-wlcam_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wlcam_camera:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:h:iodata:ts-ptcam\/poe_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-ptcam\/poe_camera:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:iodata:ts-wlc2_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-wlc2_camera:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:iodata:ts-ptcam_camera_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:iodata:ts-ptcam_camera:-:*:*:*:*:*:*:*
History

21 Nov 2024, 02:09

Type Values Removed Values Added
References () http://jvn.jp/en/jp/JVN94592501/index.html - () http://jvn.jp/en/jp/JVN94592501/index.html -
References () http://jvndb.jvn.jp/jvndb/JVNDB-2014-000087 - () http://jvndb.jvn.jp/jvndb/JVNDB-2014-000087 -
References () http://www.iodata.jp/support/information/2014/qwatch/ - Vendor Advisory () http://www.iodata.jp/support/information/2014/qwatch/ - Vendor Advisory
Information

Published : 2014-07-29 20:55

Updated : 2025-04-12 10:46

NVD link : CVE-2014-3895

Mitre link : CVE-2014-3895

CVE.ORG link : CVE-2014-3895

JSON object : View

Products Affected

iodata

CWE
CWE-287

Improper Authentication