Authentication Downgrade Vulnerability in Citilog 8.0 Server Allows Unauthorized HTTP Access to Axis M1125 Camera
CVE-2022-28860 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to achieve HTTP access to the camera.
Learn more about our Cis Benchmark Audit For Server Software.