cve-2023-5800
Vulnerability from cvelistv5
Published
2024-02-05 05:20
Modified
2024-11-08 08:22
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Summary
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
product-security@axis.comhttps://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdfVendor Advisory
Impacted products
Vendor Product Version
Axis Communications AB AXIS OS Version: AXIS OS 11.8, 10.12, 9.80, 8.40, 6.50
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.007Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AXIS OS",
          "vendor": "Axis Communications AB",
          "versions": [
            {
              "status": "affected",
              "version": "AXIS OS 11.8, 10.12, 9.80, 8.40, 6.50"
            }
          ]
        }
      ],
      "datePublic": "2024-02-05T05:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eVintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003ecreate_overlay.cgi\u003c/i\u003e\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution.\u003c/p\u003e"
            }
          ],
          "value": "Vintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-35",
              "description": "CWE-35: Path Traversal",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-08T08:22:51.675Z",
        "orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
        "shortName": "Axis"
      },
      "references": [
        {
          "url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient input validation in VAPIX API create_overlay.cgi",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
    "assignerShortName": "Axis",
    "cveId": "CVE-2023-5800",
    "datePublished": "2024-02-05T05:20:38.668Z",
    "dateReserved": "2023-10-26T10:41:05.983Z",
    "dateUpdated": "2024-11-08T08:22:51.675Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-5800\",\"sourceIdentifier\":\"product-security@axis.com\",\"published\":\"2024-02-05T06:15:46.863\",\"lastModified\":\"2024-11-21T08:42:30.943\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vintage,\\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi\\ndid not have a sufficient input validation allowing for a possible remote code\\nexecution. This flaw can only be exploited after authenticating with an\\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\\nversions for the highlighted flaw. Please refer to the Axis security advisory\\nfor more information and solution.\"},{\"lang\":\"es\",\"value\":\"Vintage, miembro del programa AXIS OS Bug Bounty, descubri\u00f3 que la API VAPIX create_overlay.cgi no ten\u00eda una validaci\u00f3n de entrada suficiente que permitiera una posible ejecuci\u00f3n remota de c\u00f3digo. Esta falla solo puede explotarse despu\u00e9s de autenticarse con una cuenta de servicio con privilegios de operador o administrador. Axis ha lanzado versiones parcheadas del sistema operativo AXIS para la falla resaltada. Consulte el aviso de seguridad de Axis para obtener m\u00e1s informaci\u00f3n y soluciones.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@axis.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"product-security@axis.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-35\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*\",\"versionEndExcluding\":\"11.8.61\",\"matchCriteriaId\":\"BB6705C7-3875-40DB-9491-A20683CDEE21\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*\",\"versionEndExcluding\":\"9.80.55\",\"matchCriteriaId\":\"03238E64-BBDB-4DBE-A51C-F378C63708BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*\",\"versionEndExcluding\":\"10.12.220\",\"matchCriteriaId\":\"FA06BD2A-7430-410E-A726-AFF0074F8692\"}]}]}],\"references\":[{\"url\":\"https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf\",\"source\":\"product-security@axis.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.