Vulnerability Change Records for CVE-2019-6958

Change History

Initial Analysis 5/31/2019 9:47:33 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.8.5:*:*:*:*:*:*:*
          *cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.0:*:*:*:*:*:*:*
          *cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.1:*:*:*:*:*:*:*
          *cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.3:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:bosch:access_easy_controller:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:dip_2000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0380.037
     OR
          cpe:2.3:h:bosch:dip_2000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:dip_3000_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:bosch:dip_3000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:dip_5000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 038.037
     OR
          cpe:2.3:h:bosch:dip_5000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:bosch:dip_7000_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:bosch:dip_7000:gen1:*:*:*:*:*:*:*
          cpe:2.3:h:bosch:dip_7000:gen2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:* versions from (including) 3.0 up to (including) 3.7
     *cpe:2.3:a:bosch:bosch_video_client:*:*:*:*:*:*:*:* versions up to (excluding) 1.7.6.079
     *cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:* versions up to (including) 9.0
     *cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:* versions from (including) 2.2 up to (including) 4.4
     *cpe:2.3:a:bosch:building_integration_system:4.5:*:*:*:*:*:*:*
     *cpe:2.3:a:bosch:building_integration_system:4.6:*:*:*:*:*:*:*
     *cpe:2.3:a:bosch:building_integration_system:4.6.1:*:*:*:*:*:*:*
     *cpe:2.3:a:bosch:configuration_manager:*:*:*:*:*:*:*:* versions up to (excluding) 6.10
     *cpe:2.3:a:bosch:video_sdk:*:*:*:*:*:*:*:* versions up to (excluding) 6.32.0099
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Added CWE

								
							
							
						
CWE-284
Changed Reference Type
https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0404bt-cve-2019-6958_security_advisory_improper_access_control.pdf No Types Assigned
https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2019-0404bt-cve-2019-6958_security_advisory_improper_access_control.pdf Mitigation, Vendor Advisory