CVE-2017-14953

MEDIUM Year: 2017
CVSS v3 Score
6.5
Medium
CVSS v2 Score
3.3
Low
Weakness Type
CWE-311
View all →

Vulnerability Description

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an increase to the attack surface of the product

Related Vulnerabilities

CVE-2010-3299

MEDIUM
CVSS:6.5(Medium)

The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.

CWE-3112010

CVE-2017-12716

MEDIUM
CVSS:6.5(Medium)

Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units. Additionall...

CWE-3112017

CVE-2018-4855

MEDIUM
CVSS:6.5(Medium)

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission...

CWE-3112018

CVE-2018-5185

MEDIUM
CVSS:6.5(Medium)

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CWE-3112018

CVE-2019-1003088

MEDIUM
CVSS:6.5(Medium)

Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the mast...

CWE-3112019

CVE-2019-1003089

MEDIUM
CVSS:6.5(Medium)

Jenkins Upload to pgyer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master fil...

CWE-3112019