CVE-2023-28809

Summary

Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.

Affected Software

VendorProductVersion RangeStatus
hikvisionDS-K1T804AXXV1.4.0_build221212 < V1.4.0_build221212affected
hikvisionDS-K1T341AXXV3.2.30_build221223 < V3.2.30_build221223affected
hikvisionDS-K1T671XXXV3.2.30_build221223 < V3.2.30_build221223affected
hikvisionDS-K1T343XXXV3.14.0_build230117 < V3.14.0_build230117affected
hikvisionDS-K1T341CV3.3.8_build230112 < V3.3.8_build230112affected
hikvisionDS-K1T320XXXV3.5.0_build220706 < V3.5.0_build220706affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References