CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-1965

Medium Severity
Haivision
SVRS
30/100
CVSSv3
NA/10
EPSS
0.00028/1

CVE-2024-1965 is a Server-Side Request Forgery (SSRF) vulnerability affecting Haivision's Aviwest Manager and Aviwest Steamhub. This flaw enables attackers to potentially enumerate internal network configurations without authentication. While the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a low but present risk that should be monitored. Exploitation of SSRF vulnerabilities could lead to the compromise of internal servers and the interception of requests from legitimate users. Although the SVRS isn't critical, the "In The Wild" tag suggests active exploitation or proof-of-concept availability, warranting proactive security measures to mitigate potential risks. Mitigating this vulnerability is crucial to prevent unauthorized access and data breaches within the affected Aviwest systems. Immediate patching is recommended.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-02-28
LAST MODIFIED2025-03-04
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-1965 is a Server-Side Request Forgery (SSRF) vulnerability in Haivision's Aviwest Manager and Aviwest Steamhub. It allows an attacker to enumerate internal network configurations without credentials, potentially compromising internal servers and retrieving requests sent by other users. The SVRS of 38 indicates a moderate risk, requiring attention but not immediate action.

Key Insights

  • Unrestricted Access to Internal Network: The vulnerability grants attackers access to internal network configurations, enabling them to map out the network and identify potential targets.
  • Compromise of Internal Servers: Attackers can exploit the vulnerability to compromise internal servers, potentially gaining access to sensitive data or disrupting operations.
  • Retrieval of User Requests: The vulnerability allows attackers to retrieve requests sent by other users, potentially exposing sensitive information or enabling phishing attacks.

Mitigation Strategies

  • Update Software: Apply the latest software updates from Haivision to patch the vulnerability.
  • Implement Input Validation: Implement strict input validation to prevent attackers from exploiting the vulnerability through malicious requests.
  • Use Web Application Firewalls (WAFs): Deploy WAFs to block malicious requests and protect against SSRF attacks.
  • Monitor Network Traffic: Monitor network traffic for suspicious activity and investigate any anomalies that may indicate an attack.

Additional Information

  • Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
  • Exploit Status: No active exploits have been published.
  • CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning for this vulnerability.
  • In the Wild: The vulnerability is not known to be actively exploited by hackers.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-1965 | Haivision Aviwest Manager/Aviwest Streamhub Network Configuration server-side request forgery
vuldb.com2025-03-04
CVE-2024-1965 | Haivision Aviwest Manager/Aviwest Streamhub Network Configuration server-side request forgery | A vulnerability, which was classified as critical, was found in Haivision Aviwest Manager and Aviwest Streamhub. Affected is an unknown function of the component Network Configuration Handler. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2024-1965. It is possible to launch the attack remotely
vuldb.com
rss
forum
news

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
TypeVendorProduct
AppHaivisionstreamhub
AppHaivisionmaanager

References

ReferenceLink
[email protected]https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-vulnerability-haivision-products
AF854A3A-2127-422B-91AE-364DA2661108https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-vulnerability-haivision-products
[email protected]https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-vulnerability-haivision-products

CWE Details

CWE IDCWE NameDescription
CWE-918Server-Side Request Forgery (SSRF)The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence