What is CVE-2019-8951?

CVE-2019-8951 is an Open Redirect vulnerability located in the webserver of several Bosch hardware and software products.

How does CVE-2019-8951 affect Bosch DIVAR IP 2000 Firmware?

CVE-2019-8951 affects Bosch DIVAR IP 2000 Firmware versions up to and excluding 3.62.0019.

How does CVE-2019-8951 affect Bosch DIVAR IP 5000 Firmware?

CVE-2019-8951 affects Bosch DIVAR IP 5000 Firmware versions up to and excluding 3.80.0033.

Which Bosch software products are affected by CVE-2019-8951?

CVE-2019-8951 affects Bosch Video Management System and Bosch Video Recording Manager.

What is the severity of CVE-2019-8951?

CVE-2019-8951 has a severity rating of 6.1, which is considered medium.

Vulnerability/
CVE-2019-8951

medium

6.1

CWE

601

13/5/2019

4/8/2024

CVE-2019-8951

First published: Mon May 13 2019(Updated: )

An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote attacker to redirect users to an arbitrary URL. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.80.0033 and newer). Affected software products: Video Recording Manager (VRM) (vulnerable versions: 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.70.0056 and newer; 3.81.0032 and newer), Bosch Video Management System (BVMS) (vulnerable versions: 3.50.00XX; 3.55.00XX; 3.60.00XX; fixed versions: 7.5; 3.70.0056).

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Bosch Divar Ip 2000 Firmware	<3.62.0019
Bosch DIVAR IP 2000
Bosch Divar Ip 5000 Firmware	<3.80.0033
Bosch DIVAR IP 5000
Bosch Video Management System	<3.71.0056
Bosch Video Recording Manager	<3.70.0056
Bosch Video Recording Manager	>=3.81<3.81.0032

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-8951?
CVE-2019-8951 is an Open Redirect vulnerability located in the webserver of several Bosch hardware and software products.
How does CVE-2019-8951 affect Bosch DIVAR IP 2000 Firmware?
CVE-2019-8951 affects Bosch DIVAR IP 2000 Firmware versions up to and excluding 3.62.0019.
How does CVE-2019-8951 affect Bosch DIVAR IP 5000 Firmware?
CVE-2019-8951 affects Bosch DIVAR IP 5000 Firmware versions up to and excluding 3.80.0033.
Which Bosch software products are affected by CVE-2019-8951?
CVE-2019-8951 affects Bosch Video Management System and Bosch Video Recording Manager.
What is the severity of CVE-2019-8951?
CVE-2019-8951 has a severity rating of 6.1, which is considered medium.

collector/nvd-index
agent/references
agent/severity
agent/weakness
agent/author
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/bosch
canonical/bosch divar ip 2000 firmware
canonical/bosch divar ip 2000
canonical/bosch divar ip 5000 firmware
canonical/bosch divar ip 5000
canonical/bosch video management system
canonical/bosch video recording manager
version/bosch video recording manager/3.81

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.