Details of VAR-200412-0381

ID

VAR-200412-0381

CVE

CVE-2004-2427

TITLE

Axis Network Camera versus Video Server Information disclosure and service rejection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200412-409

DESCRIPTION

Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi. 2420 Video Server is prone to a denial-of-service vulnerability

Trust: 1.26

sources: NVD: CVE-2004-2427 // BID: 90381 // VULHUB: VHN-10855

AFFECTED PRODUCTS

vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.32	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.41	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.34	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.33	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.31	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.30	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.12	Trust: 1.6
vendor:	axis	model:	2411 video server	scope:	eq	version:	3.13	Trust: 1.6
vendor:	axis	model:	2420 network camera	scope:	eq	version:	2.40	Trust: 1.6
vendor:	axis	model:	2411 video server	scope:	eq	version:	3.12	Trust: 1.6
vendor:	axis	model:	2400 video server	scope:	eq	version:	1.12	Trust: 1.0
vendor:	axis	model:	2130 ptz network camera	scope:	eq	version:	2.30	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.0	Trust: 1.0
vendor:	axis	model:	2460 network dvr	scope:	eq	version:	3.11	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	1.2	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.33	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	2.30	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.40	Trust: 1.0
vendor:	axis	model:	2490 serial server	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2130 ptz network camera	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	1.10	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	3.11	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	2.20	Trust: 1.0
vendor:	axis	model:	2420 video server	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	250s video server	scope:	eq	version:	3.10	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.31	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	1.15	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.33	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.41	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.31	Trust: 1.0
vendor:	axis	model:	250s video server	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	1.0_1	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.12	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.30	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.31	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.40	Trust: 1.0
vendor:	axis	model:	2130 ptz network camera	scope:	eq	version:	2.31	Trust: 1.0
vendor:	axis	model:	230 mpeg2 video server	scope:	eq	version:	3.11	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.41	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	3.12	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	2.33	Trust: 1.0
vendor:	axis	model:	2460 network dvr	scope:	eq	version:	3.10	Trust: 1.0
vendor:	axis	model:	2130 ptz network camera	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	3.13	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.40	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.12	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	2.31	Trust: 1.0
vendor:	axis	model:	2460 network dvr	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.30	Trust: 1.0
vendor:	axis	model:	storpoint cd	scope:	eq	version:	*	Trust: 1.0
vendor:	axis	model:	2420 video server	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2490 serial server	scope:	eq	version:	2.11.3	Trust: 1.0
vendor:	axis	model:	2130 ptz network camera	scope:	eq	version:	2.40	Trust: 1.0
vendor:	axis	model:	250s video server	scope:	eq	version:	3.03	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.30	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.41	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	2.32	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	1.1	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.20	Trust: 1.0
vendor:	axis	model:	2401 video server	scope:	eq	version:	3.12	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	1.11	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	1.15	Trust: 1.0
vendor:	axis	model:	2100 network camera	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2120 network camera	scope:	eq	version:	2.31	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.12	Trust: 1.0
vendor:	axis	model:	2400 video server	scope:	eq	version:	2.34	Trust: 1.0
vendor:	axis	model:	2110 network camera	scope:	eq	version:	2.30	Trust: 1.0
vendor:	gtcatalog	model:	gtcatalog	scope:	eq	version:	0.8.16	Trust: 0.3
vendor:	axis	model:	communications storpoint cd	scope:	-	version:	-	Trust: 0.3
vendor:	axis	model:	communications 250s video server	scope:	eq	version:	3.03	Trust: 0.3
vendor:	axis	model:	communications serial server	scope:	eq	version:	24902.11.3	Trust: 0.3
vendor:	axis	model:	communications network dvr	scope:	eq	version:	24603.11	Trust: 0.3
vendor:	axis	model:	communications network dvr	scope:	eq	version:	24603.10	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24202.34	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24202.32	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.41	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.40	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.34	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.33	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.32	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.31	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.30	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	24202.12	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24113.13	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24113.12	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24012.34	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24012.33	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24012.32	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24012.31	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24012.30	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24012.20	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24011.15	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24011.01	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24013.13	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24013.12	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.34	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.33	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.32	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.31	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.30	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.20	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24002.0	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24001.15	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24001.12	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24001.11	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24001.10	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24003.12	Trust: 0.3
vendor:	axis	model:	communications video server	scope:	eq	version:	24003.11	Trust: 0.3
vendor:	axis	model:	communications ptz network camera	scope:	eq	version:	21302.40	Trust: 0.3
vendor:	axis	model:	communications ptz network camera	scope:	eq	version:	21302.34	Trust: 0.3
vendor:	axis	model:	communications ptz network camera	scope:	eq	version:	21302.31	Trust: 0.3
vendor:	axis	model:	communications ptz network camera	scope:	eq	version:	21302.30	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.41	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.40	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.34	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.32	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.31	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.30	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21202.12	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.41	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.40	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.34	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.32	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.31	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.30	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21102.12	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.41	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.40	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.34	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.33	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.32	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.31	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.30	Trust: 0.3
vendor:	axis	model:	communications network camera	scope:	eq	version:	21002.12	Trust: 0.3
vendor:	axis	model:	mpeg2 video server	scope:	eq	version:	2303.11	Trust: 0.3

sources: BID: 90381 // CNNVD: CNNVD-200412-409 // NVD: CVE-2004-2427

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-2427
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200412-409
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-10855
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-2427
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-10855
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-10855 // CNNVD: CNNVD-200412-409 // NVD: CVE-2004-2427

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2427

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-409

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200412-409

EXTERNAL IDS

db:	NVD	id:	CVE-2004-2427	Trust: 2.0
db:	SECTRACK	id:	1011056	Trust: 2.0
db:	OSVDB	id:	9123	Trust: 1.7
db:	OSVDB	id:	9126	Trust: 1.7
db:	OSVDB	id:	9128	Trust: 1.7
db:	OSVDB	id:	9129	Trust: 1.7
db:	OSVDB	id:	9125	Trust: 1.7
db:	OSVDB	id:	9127	Trust: 1.7
db:	OSVDB	id:	9130	Trust: 1.7
db:	CNNVD	id:	CNNVD-200412-409	Trust: 0.7
db:	FULLDISC	id:	20040822 [POC] NASTY BUG(S) FOUND IN AXIS NETWORK CAMERA/VIDEO SERVERS	Trust: 0.6
db:	BID	id:	90381	Trust: 0.4
db:	VULHUB	id:	VHN-10855	Trust: 0.1

sources: VULHUB: VHN-10855 // BID: 90381 // CNNVD: CNNVD-200412-409 // NVD: CVE-2004-2427

REFERENCES

url:	http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0948.html	Trust: 2.0
url:	http://securitytracker.com/id?1011056	Trust: 2.0
url:	http://www.osvdb.org/9123	Trust: 1.7
url:	http://www.osvdb.org/9125	Trust: 1.7
url:	http://www.osvdb.org/9126	Trust: 1.7
url:	http://www.osvdb.org/9127	Trust: 1.7
url:	http://www.osvdb.org/9128	Trust: 1.7
url:	http://www.osvdb.org/9129	Trust: 1.7
url:	http://www.osvdb.org/9130	Trust: 1.7

sources: VULHUB: VHN-10855 // BID: 90381 // CNNVD: CNNVD-200412-409 // NVD: CVE-2004-2427

CREDITS

Unknown

Trust: 0.3

sources: BID: 90381

SOURCES

db:	VULHUB	id:	VHN-10855
db:	BID	id:	90381
db:	CNNVD	id:	CNNVD-200412-409
db:	NVD	id:	CVE-2004-2427

LAST UPDATE DATE

2024-08-14T14:00:44.026000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-10855	date:	2008-09-05T00:00:00
db:	BID	id:	90381	date:	2004-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200412-409	date:	2007-01-24T00:00:00
db:	NVD	id:	CVE-2004-2427	date:	2008-09-05T20:44:06.610

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-10855	date:	2004-12-31T00:00:00
db:	BID	id:	90381	date:	2004-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200412-409	date:	2004-12-31T00:00:00
db:	NVD	id:	CVE-2004-2427	date:	2004-12-31T05:00:00