Description
A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
High
Affected products
- GeoVision Inc. / GeoVisionV20.0.2 – V20.0.2
- GeoVision Inc. / GeoVisionV20.1.0.0 – V20.1.0.0