Server-Side Request Forgery Vulnerability in Haivision Products

INCIBE has coordinated the publication of a medium severity vulnerability affecting Haivision's Aviwest Manager and Aviwest Streamhub, two video monitoring and device management tools, which has been discovered by Konrad Kowal Karp of Telefónica Tech.

This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and CWE vulnerability type:

• CVE-2024-1965: 6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | CWE-918