U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2018-19036

Change History

Initial Analysis by NIST 2/22/2019 2:04:37 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:common_product_platform_4_firmware:*:*:*:*:*:*:*:* versions from (including) 6.32
     OR
          cpe:2.3:h:bosch:autodome_ip_4000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:autodome_ip_5000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:autodome_ip_5000_ir:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:autodome_ip_7000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_hd_1080p:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_hd_1080p_hdr:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_hd_720p:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_imager_9000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_4000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_5000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_5000_mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_bullet_4000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_starlight_7000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:extegra_ip_dynamic_9000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:extegra_ip_starlight_9000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_corner_9000_mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_hd_1080p:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_hd_720p:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_indoor_4000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_indoor_4000_ir:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_indoor_5000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_indoor_5000_mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_micro_2000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_micro_2000_ip:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_micro_5000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_micro_5000_mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_ir:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panormic_5000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:ip_2000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:ip_2000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:ip_bullet_4000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:ip_bullet_5000_hd:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:mic_ip_dynamic_7000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:mic_ip_starlight_7000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:tinyon_ip_2000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:vandal-proof_flexidome_hd_720p:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:common_product_platform_6_firmware:*:*:*:*:*:*:*:* versions from (including) 6.32
     OR
          cpe:2.3:h:bosch:aviotec_ip_starlight_8000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_starlight_8000_12mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_ultra_8000_12mp:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180_iva:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360_iva:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180_iva:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360_iva:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:common_product_platform_7.3_firmware:*:*:*:*:*:*:*:* versions from (including) 6.32
     OR
          cpe:2.3:h:bosch:autodome_ip_4000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:autodome_ip_5000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:autodome_ip_starlight_5000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:autodome_ip_starlight_7000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_bullet_4000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_bullet_5000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_bullet_6000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_4000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_5000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:mic_ip_fusion_9000i:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:mic_ip_starlight_7000i:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:common_product_platform_7_firmware:*:*:*:*:*:*:*:* versions from (including) 6.32
     OR
          cpe:2.3:h:bosch:dinion_ip_starlight_6000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_starlight_7000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dinion_ip_thermal_8000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_starlight_6000:-:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:flexidome_ip_starlight_7000:-:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-119
Changed Reference Type
https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf No Types Assigned
https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf Mitigation, Patch, Vendor Advisory