Vulnerabilities > CVE-2023-2306 - Unspecified vulnerability in Qognify Nicevision 3.1

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

qognify

critical

NVD

Published: 2023-10-05

Updated: 2024-11-21

Summary

Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records.

Vulnerable Configurations

Part	Description	Count
Application	Qognify Qognify Nicevision - Qognify Nicevision 3.1	2

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-02
https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-02