CVE-2024-25064

Summary

Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.

Affected Software

VendorProductVersion RangeStatus
HikvisionHikCentral ProfessionalVersions after V2.0.0 and before V2.5.1affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References