User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for
arbitrary code execution.
References
| Link | Resource |
|---|---|
| https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | Vendor Advisory |
| https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | Vendor Advisory |
Configurations
History
21 Nov 2024, 07:42
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
08 Nov 2024, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-78 | |
| Summary | (en) User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution. |
07 Aug 2023, 19:26
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:axis:license_plate_verifier:*:*:*:*:*:*:*:* | |
| References | (MISC) https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Axis
Axis license Plate Verifier |
03 Aug 2023, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-03 07:15
Updated : 2024-11-21 07:42
NVD link : CVE-2023-21411
Mitre link : CVE-2023-21411
CVE.ORG link : CVE-2023-21411
JSON object : View
Products Affected
axis
- license_plate_verifier
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
NVD-CWE-noinfo