CVE-2023-5800 - OpenCVE

Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Axis	Axis Os Axis Os 2020 Axis Os 2022

Configuration 1 [-]

cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:axis:axis_os_2020:::::lts:::*
	cpe:2.3:o:axis:axis_os_2022:::::lts:::*

No data.

References

Link	Providers
https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: Axis

Published: 2024-02-05T05:20:38.668Z

Updated: 2024-08-02T08:14:24.007Z

Reserved: 2023-10-26T10:41:05.983Z

Link: CVE-2023-5800

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2024-02-05T06:15:46.863

Modified: 2024-02-13T00:37:47.070

Link: CVE-2023-5800

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5800", "assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807", "state": "PUBLISHED", "assignerShortName": "Axis", "dateReserved": "2023-10-26T10:41:05.983Z", "datePublished": "2024-02-05T05:20:38.668Z", "dateUpdated": "2024-08-02T08:14:24.007Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "AXIS OS", "vendor": "Axis Communications AB", "versions": [{"status": "affected", "version": "AXIS OS 11.8, 10.12, 9.80, 8.40, 6.50"}]}], "datePublic": "2024-02-05T05:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Vintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API <i>create_overlay.cgi</i>\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution.</p>\n\n\n\n\n\n"}], "value": "Vintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution.\n\n\n\n\n\n\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807", "shortName": "Axis", "dateUpdated": "2024-02-05T05:20:38.668Z"}, "references": [{"url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf"}], "source": {"discovery": "UNKNOWN"}, "title": "Insufficient input validation in VAPIX API create_overlay.cgi", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:24.007Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*", "matchCriteriaId": "BB6705C7-3875-40DB-9491-A20683CDEE21", "versionEndExcluding": "11.8.61", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*", "matchCriteriaId": "03238E64-BBDB-4DBE-A51C-F378C63708BE", "versionEndExcluding": "9.80.55", "vulnerable": true}, {"criteria": "cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*", "matchCriteriaId": "FA06BD2A-7430-410E-A726-AFF0074F8692", "versionEndExcluding": "10.12.220", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Vintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution.\n\n\n\n\n\n\n\n"}, {"lang": "es", "value": "Vintage, miembro del programa AXIS OS Bug Bounty, descubri\u00f3 que la API VAPIX create_overlay.cgi no ten\u00eda una validaci\u00f3n de entrada suficiente que permitiera una posible ejecuci\u00f3n remota de c\u00f3digo. Esta falla solo puede explotarse despu\u00e9s de autenticarse con una cuenta de servicio con privilegios de operador o administrador. Axis ha lanzado versiones parcheadas del sistema operativo AXIS para la falla resaltada. Consulte el aviso de seguridad de Axis para obtener m\u00e1s informaci\u00f3n y soluciones."}], "id": "CVE-2023-5800", "lastModified": "2024-02-13T00:37:47.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "product-security@axis.com", "type": "Secondary"}]}, "published": "2024-02-05T06:15:46.863", "references": [{"source": "product-security@axis.com", "tags": ["Vendor Advisory"], "url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf"}], "sourceIdentifier": "product-security@axis.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}