Details of VAR-200112-0196

ID

VAR-200112-0196

CVE

CVE-2001-1543

TITLE

Axis Web Camera Default Administrator Password Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200112-191

DESCRIPTION

Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera. Axis Network Cameras are network ready cameras, including an internal web server to display images. They also include a web based administration tool. By default, the password to administer the cameras is 'pass'

Trust: 1.26

sources: NVD: CVE-2001-1543 // BID: 3640 // VULHUB: VHN-4344

AFFECTED PRODUCTS

vendor:	axis	model:	neteye 200	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	neteye 200\+	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	-	version:	-	Trust: 0.6
vendor:	axis	model:	2100 network camera	scope:	-	version:	-	Trust: 0.6
vendor:	axis	model:	neteye 200\+	scope:	-	version:	-	Trust: 0.6
vendor:	axis	model:	neteye 200	scope:	-	version:	-	Trust: 0.6
vendor:	axis	model:	2110 network camera	scope:	-	version:	-	Trust: 0.6
vendor:	axis	model:	communications network camera	scope:	eq	version:	2120	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	2110	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	2100	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	200+	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	200	Trust: 0.3

sources: BID: 3640 // CNNVD: CNNVD-200112-191 // NVD: CVE-2001-1543

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-1543
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200112-191
value:	HIGH
Trust: 0.6
VULHUB:	VHN-4344
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2001-1543
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-4344
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-4344 // CNNVD: CNNVD-200112-191 // NVD: CVE-2001-1543

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1543

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200112-191

TYPE

Configuration Error

Trust: 0.9

sources: BID: 3640 // CNNVD: CNNVD-200112-191

EXTERNAL IDS

db:	BID	id:	3640	Trust: 2.0
db:	NVD	id:	CVE-2001-1543	Trust: 1.7
db:	CNNVD	id:	CNNVD-200112-191	Trust: 0.7
db:	BUGTRAQ	id:	20011205 AXIS NETWORK CAMERA KNOWN DEFAULT PASSWORD VULNERABILITY	Trust: 0.6
db:	BUGTRAQ	id:	20011206 RE: AXIS NETWORK CAMERA KNOWN DEFAULT PASSWORD VULNERABILITY	Trust: 0.6
db:	XF	id:	7665	Trust: 0.6
db:	VULHUB	id:	VHN-4344	Trust: 0.1

sources: VULHUB: VHN-4344 // BID: 3640 // CNNVD: CNNVD-200112-191 // NVD: CVE-2001-1543

REFERENCES

url:	http://www.securityfocus.com/bid/3640	Trust: 2.7
url:	http://archives.neohapsis.com/archives/bugtraq/2001-12/0050.html	Trust: 2.7
url:	http://archives.neohapsis.com/archives/bugtraq/2001-12/0061.html	Trust: 2.7
url:	http://www.iss.net/security_center/static/7665.php	Trust: 2.7
url:	http://www.axis.com/products/camera_servers/index.htm	Trust: 0.3

sources: VULHUB: VHN-4344 // BID: 3640 // CNNVD: CNNVD-200112-191 // NVD: CVE-2001-1543

CREDITS

Discovered by Chris Gragsone (maetrics@realwarp.net) of the Foot Clan, and published in an advisory dated December 5, 2001.

Trust: 0.9

sources: BID: 3640 // CNNVD: CNNVD-200112-191

SOURCES

db:	VULHUB	id:	VHN-4344
db:	BID	id:	3640
db:	CNNVD	id:	CNNVD-200112-191
db:	NVD	id:	CVE-2001-1543

LAST UPDATE DATE

2024-11-22T23:07:01.498000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-4344	date:	2008-09-05T00:00:00
db:	BID	id:	3640	date:	2001-12-05T00:00:00
db:	CNNVD	id:	CNNVD-200112-191	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2001-1543	date:	2024-11-20T23:37:56.310

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-4344	date:	2001-12-31T00:00:00
db:	BID	id:	3640	date:	2001-12-05T00:00:00
db:	CNNVD	id:	CNNVD-200112-191	date:	2001-12-31T00:00:00
db:	NVD	id:	CVE-2001-1543	date:	2001-12-31T05:00:00