Authentication Downgrade Vulnerability in Citilog 8.0 Server Allows Unauthorized HTTP Access to Axis M1125 Camera

Authentication Downgrade Vulnerability in Citilog 8.0 Server Allows Unauthorized HTTP Access to Axis M1125 Camera

CVE-2022-28860 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to achieve HTTP access to the camera.

Learn more about our Cis Benchmark Audit For Server Software.