CVE Vulnerabilities

CVE-2023-28808

Published: Apr 11, 2023 | Modified: Apr 24, 2023
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.

Affected Software

Name Vendor Start Version End Version
Ds-a71024_firmware Hikvision * 2.3.8-8

References