Vulnerabilities > Bosch > Video Recording Manager > 3.71.0032
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-32230 | Unspecified vulnerability in Bosch products An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. | 7.5 |
| 2021-12-08 | CVE-2021-23859 | Improper Handling of Exceptional Conditions vulnerability in Bosch products An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. | 7.5 |
| 2021-12-08 | CVE-2021-23860 | Cross-site Scripting vulnerability in Bosch products An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. | 6.1 |
| 2021-12-08 | CVE-2021-23861 | Unspecified vulnerability in Bosch products By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. | 6.5 |
| 2021-12-08 | CVE-2021-23862 | OS Command Injection vulnerability in Bosch products A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. | 7.2 |
| 2021-02-26 | CVE-2019-11684 | Missing Authentication for Critical Function vulnerability in Bosch products Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. | 9.8 |