CVE-2019-18226
N/A
N/A
Summary
Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Honeywell equIP series cameras, Honeywell Performance series IP cameras, Honeywell recorders | H2W2GR1 1.000.0000.19.20190819, H3W2GR1 1.000.HW00.21.20190812, H3W2GR1V 1.000.0000.19.20190819, H3W2GR2 1.000.HW00.21.20190812, H3W4GR1 1.000.HW00.21.20190812, H3W4GR1V 1.000.0000.19.20190819, H4D8GR1 2.420.HW00.12.20190819, H4L2GR1 2.420.HW01.33.20190812, H4L2GR1V 1.000.0000.19.20190819, H4L6GR2 1.000.HW02.8.20190813, H4W2GR1 1.000.HW00.21.20190812, H4W2GR1V 1.000.0000.19.20190819, H4W2GR2 1.000.HW00.21.20190812, H4W4GR1 1.000.HW00.21.20190812, H4W4GR1V 1.000.0000.19.20190819, HBD8GR1 2.420.HW00.12.20190819, HBL2GR1 2.420.HW01.33.20190812, HBL2GR1V 1.000.0000.19.20190819, HBL6GR2 1.000.HW02.8.20190813, HBW2GR1 1.000.HW00.21.20190812, HBW2GR1V 1.000.0000.19.20190819, HBW2GR3 1.000.HW00.21.20190812, HBW2GR3V 1.000.0000.19.20190819, HBW4GR1 1.000.HW00.21.20190812, HBW4GR1V 1.000.0000.19.20190819, HCD8G 2.420.HW00.12.20190819, HCL2G 2.420.HW01.33.20190812, HCL2GV 1.000.0000.19.20190819, HCPB302 1.000.0040.3.20190820, HCW2G 1.000.HW00.21.20190812, HCW2GV 1.000.0000.19.20190819, HCW4G 1.000.HW00.2 ...[truncated*] | affected |
| n/a | Honeywell equIP series cameras, Honeywell Performance series IP cameras, Honeywell recorders | H2W2PC1M 1.000.HW01.3.20190820, H2W2PER3 1.000.HW01.3.20190820, H2W2PRV3 1.000.HW01.1.190813, H2W4PER3 1.000.HW01.3.20190820, H2W4PRV3 1.000.HW01.1.190813, H4D3PRV2 1.000.HW01.1.190814, H4D3PRV3 1.000.HW01.1.190814, H4D8PR1 1.000.HW01.3.20190820, H4W2PER2 1.000.HW01.3.20190820, H4W2PER3 1.000.HW01.3.20190820, H4W2PRV2 1.000.HW01.1.190814, H4W4PER2 1.000.HW01.3.20190820, H4W4PER3 1.000.HW01.3.20190820, H4W4PRV2 1.000.HW01.1.190814, H4W4PRV3 1.000.HW01.1.190813, H4W8PR2 1.000.HW01.3.20190820, HBD2PER1 1.000.HW01.3.20190820, HBD3PR1 1.000.HW01.1.190814, HBD3PR2 1.000.HW01.1.190814, HBD8PR1 1.000.HW01.3.20190820, HBW2PER1 1.000.HW01.3.20190820, HBW2PER2 1.000.HW01.3.20190820, HBW2PR1 1.000.HW01.1.190813, HBW2PR2 1.000.HW01.1.190814, HBW4PER1 1.000.HW01.3.20190820, HBW4PER2 1.000.HW01.3.20190820, HBW4PR1 1.000.HW01.1.190813, HBW4PR2 1.000.HW01.1.190814, HBW8PR2 1.000.HW01.3.20190820, HDZP252DI 1.000.HW02.4.20190813, HDZP304DI 1.000.HW10.5.20190812, HED2PER3 1.000.HW01.3.20190820, HED3PR3 1.000.HW01 ...[truncated*] | affected |
| n/a | Honeywell equIP series cameras, Honeywell Performance series IP cameras, Honeywell recorders | HEN04102 2.000.HW00.0.R.20190823, HEN04112 2.000.HW00.0.R.20190823, HEN04122 2.000.HW00.0.R.20190823, HEN08102 2.000.HW00.0.R.20190823, HEN08112 2.000.HW00.0.R.20190823, HEN08122 2.000.HW00.0.R.20190823, HEN08142 2.000.HW00.0.R.20190823, HEN08162 2.000.HW00.0.R.20190823, HEN16102 2.000.HW00.0.R.20190823, HEN16122 2.000.HW00.0.R.20190823, HEN16142 2.000.HW00.0.R.20190823, HEN16162 2.000.HW00.0.R.20190823, HEN04103 3.215.00HW001.2.20190821, HEN04113 3.215.00HW001.2.20190821, HEN04123 3.215.00HW001.2.20190821, HEN08103 3.215.00HW001.2.20190821, HEN08113 3.215.00HW001.2.20190821, HEN08123 3.215.00HW001.2.20190821, HEN08143 3.215.00HW001.2.20190821, HEN16103 3.215.00HW001.2.20190821, HEN16123 3.215.00HW001.2.20190821, HEN16143 3.215.00HW001.2.20190821, HEN16163 3.215.00HW001.2.20190821, HEN04103L 3.215.00HW001.2.20190821, HEN08103L 3.215.00HW001.2.20190821, HEN16103L 3.215.00HW001.2.20190821, HEN32103L 3.215.00HW001.2.20190821, HEN08104 3.215.00HW002.2.20190829, HEN08144 3.215.00HW002.2.20190829, H ...[truncated*] | affected |
Weaknesses
- CWE-294: AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.