IM
IronMonkey Threat Research

CVE-2019-18228 HIGH

Published: 2019-10-31 | Last Modified: 2024-11-21 | Status: Modified

Description

Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.

Additional Descriptions (1)

En las cámaras IP serie equIP de Honeywell Multiple equIP Series Cameras, una vulnerabilidad se presenta en los productos afectados donde una petición de paquete HTTP especialmente diseñada podría resultar en una denegación de servicio.

CVSS Metrics

Base Score: 7.5 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorNETWORK
Attack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 3.9

Impact Score: 3.6

Base Score: 5.0 (MEDIUM)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactPARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 2.9

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-20
[email protected] Primary
en CWE-20

Affected Products

Vendor Product Version Update Type
honeywell h2w2pc1m_firmware - <built-in method update of dict object at 0x7c3c40d54a80> Operating System
honeywell h2w2per3_firmware - <built-in method update of dict object at 0x7c3c40d55040> Operating System
honeywell h2w4per3_firmware - <built-in method update of dict object at 0x7c3c684d84c0> Operating System
honeywell h4w2per2_firmware - <built-in method update of dict object at 0x7c3c6af4ac40> Operating System
honeywell h4w2per3_firmware - <built-in method update of dict object at 0x7c3c40d54880> Operating System
honeywell h4w4per2_firmware - <built-in method update of dict object at 0x7c3c40d54d40> Operating System
honeywell h4w4per3_firmware - <built-in method update of dict object at 0x7c3c476bfc00> Operating System
honeywell h4w8pr2_firmware - <built-in method update of dict object at 0x7c3c40d55180> Operating System
honeywell hbd2per1_firmware - <built-in method update of dict object at 0x7c3c40d54240> Operating System
honeywell hbw2per1_firmware - <built-in method update of dict object at 0x7c3c40d55340> Operating System
honeywell hbw2per2_firmware - <built-in method update of dict object at 0x7c3c476bc280> Operating System
honeywell hbw4per1_firmware - <built-in method update of dict object at 0x7c3c40d544c0> Operating System
honeywell hbw4per2_firmware - <built-in method update of dict object at 0x7c3c476bd000> Operating System
honeywell hbw4pgr1_firmware - <built-in method update of dict object at 0x7c3bf3b4f040> Operating System
honeywell hbw8pr2_firmware - <built-in method update of dict object at 0x7c3c40d57a80> Operating System
honeywell hed2per3_firmware - <built-in method update of dict object at 0x7c3c482ccdc0> Operating System
honeywell hew2per2_firmware - <built-in method update of dict object at 0x7c3c40d54e80> Operating System
honeywell hew2per3_firmware - <built-in method update of dict object at 0x7c3bf3b7b380> Operating System
honeywell hew4per2b_firmware - <built-in method update of dict object at 0x7c3c40d57bc0> Operating System
honeywell hew4per3_firmware - <built-in method update of dict object at 0x7c3bf3a24c80> Operating System
honeywell hew4per3b_firmware - <built-in method update of dict object at 0x7c3c40d56a80> Operating System
honeywell hew4per2b_firmware - <built-in method update of dict object at 0x7c3c40d55900> Operating System
honeywell hdzp252di_firmware - <built-in method update of dict object at 0x7c3c476bc4c0> Operating System
honeywell hdzp304di_firmware - <built-in method update of dict object at 0x7c3c40d57f40> Operating System
honeywell hpw2p1_firmware - <built-in method update of dict object at 0x7c3bf3b2f540> Operating System
honeywell h2w2gr1_firmware - <built-in method update of dict object at 0x7c3bf3b4c0c0> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h4w4per2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h4w4per2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h4w4per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h4w4per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbd2per1_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbd2per1:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbw4per1_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbw4per1:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbw4per2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbw4per2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbw4pgr1_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbw4pgr1:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hed2per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hed2per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hew4per3_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hew4per3:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hdzp252di_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hdzp252di:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hdzp304di_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hdzp304di:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:honeywell:h2w2gr1_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:honeywell:h2w2gr1:-:*:*:*:*:*:*:*

References

Notification
Message here