Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2023-2306
PUBLISHED
More InfoOfficial Page
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
View Known Exploited Vulnerability (KEV) details
Published At-05 Oct, 2023 | 16:46
Updated At-16 Jan, 2025 | 21:29
Rejected At-
▼CVE Numbering Authority (CNA)
Qognify NiceVision Use of Hard-coded Credentials

Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records.

Affected Products
Vendor
Qognify
Product
NiceVision
Default Status
unaffected
Versions
Affected
  • From 0 through 3.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-798CWE-798 Use of Hard-coded Credentials
Metrics
VersionBase scoreBase severityVector
3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Qognify has released NiceVision v3.2 UP2 HF2. The latest release is available to customers who have an active SMA (Service Maintenance Agreement) with Qognify. For more information contact Qognify https://www.qognify.com/contact-us/ .

Configurations
Workarounds
Exploits
Credits
finder
Roni Gavrilov of OTORIO reported this vulnerability to CISA.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-02
N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-02
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found