Chiudi menu
Cerca Mostra/Nascondi menu

TABELLA VULNERABILITà

JBF s.r.l. è responsabile di ricevere, gestire e divulgare pubblicamente le vulnerabilità di sicurezza relative ai propri prodotti e soluzioni.

Elenco Vulnerabilità

CVSS Score: 8.6(High)CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

PRODUCT: JBF-AS-5MP-BNC; JBF-AS-5MP-IR; JBF-AS-5MP-DOME; JBF-AS-8MP-BV; JBF-AS-4X5MP-DOME;

AFFECTED VERSION: Firmware Build time before 2024/6/1

FIXED VERSION: JBF_IPC-HX5XXX-single-Riemann_EngItl_PN_Stream4-CustomPro_V3.142.19AV000.0.R.250224;JBF_IPC-PDBW820XX-Faraday_EngItl_PN_Stream3_V3.100.19AV001.0.R.240821;

AFFECTED COMPONENTS: Login Components;

ATTACK VECTOR: Exploiting vulnerabilities requires network accessibility

PROBLEM TYPE: Denial of Services

DESCRIPTION: The login logic has an improper input validation issue, which allows attackers to cause device initialization through carefully crafted messages.

DATE: 2025-06-06

CVSS Score: 7.5(High)CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

PRODUCT: JBF-AS-5MP-BNC; JBF-AS-5MP-IR; JBF-AS-5MP-DOME; JBF-AS-8MP-BV; JBF-AS-4X5MP-DOME;

AFFECTED VERSION: Firmware Build time before 2024/6/1

FIXED VERSION: JBF_IPC-HX5XXX-single-Riemann_EngItl_PN_Stream4-CustomPro_V3.142.19AV000.0.R.250224;JBF_IPC-PDBW820XX-Faraday_EngItl_PN_Stream3_V3.100.19AV001.0.R.240821;

AFFECTED COMPONENTS: Configuration management components.

ATTACK VECTOR: Exploiting vulnerabilities requires network accessibility

PROBLEM TYPE: Denial of Services

DESCRIPTION: The Configuration management components fails to properly validate inputs. Attackers can exploit this by sending carefully crafted messages to cause the device to crash.

DATE: 2025-06-06

CVSS Score: 6.5(Medium)CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

PRODUCT: JBF-AS-5MP-BNC; JBF-AS-5MP-IR; JBF-AS-5MP-DOME; JBF-AS-8MP-BV; JBF-AS-4X5MP-DOME;

AFFECTED VERSION: Firmware Build time before 2024/6/1

FIXED VERSION: JBF_IPC-HX5XXX-single-Riemann_EngItl_PN_Stream4-CustomPro_V3.142.19AV000.0.R.250224;JBF_IPC-PDBW820XX-Faraday_EngItl_PN_Stream3_V3.100.19AV001.0.R.240821;

AFFECTED COMPONENTS: File management components

ATTACK VECTOR: Exploiting vulnerabilities requires network accessibility

PROBLEM TYPE: Denial of Services

DESCRIPTION: The File management components fails to properly validate inputs, allowing attackers to cause the device to crash by sending carefully crafted packets.

DATE: 2025-06-06