Vulnerabilities > Bosch > Bosch Video Management System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-35867 | Unspecified vulnerability in Bosch products An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. | 5.9 |
| 2022-09-30 | CVE-2022-32540 | Information Exposure vulnerability in Bosch products Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. | 5.9 |
| 2021-12-08 | CVE-2021-23859 | Improper Handling of Exceptional Conditions vulnerability in Bosch products An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. | 7.5 |
| 2021-12-08 | CVE-2021-23860 | Cross-site Scripting vulnerability in Bosch products An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. | 6.1 |
| 2021-12-08 | CVE-2021-23861 | Unspecified vulnerability in Bosch products By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. | 6.5 |
| 2021-12-08 | CVE-2021-23862 | OS Command Injection vulnerability in Bosch products A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. | 7.2 |
| 2019-05-29 | CVE-2019-6958 | Missing Authentication for Critical Function vulnerability in Bosch products A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). | 9.1 |
| 2019-05-29 | CVE-2019-6957 | Out-of-bounds Write vulnerability in Bosch products A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). | 9.8 |