What is CVE-2024-1965?

CVE-2024-1965 is a medium severity vulnerability affecting Haivision's Aviwest Manager and Aviwest Streamhub, which are video monitoring and device management tools. This vulnerability, known as Server-Side Request Forgery, allows an attacker to access internal network configurations without needing credentials. As a result, various systems that rely on these tools for video monitoring and management may be at risk.

Who is impacted by CVE-2024-1965?

This medium severity vulnerability, known as Server-Side Request Forgery, allows an attacker to access internal network configurations without needing credentials. Unfortunately, specific affected versions of the software are not mentioned in the available sources.

What should I do if I’m affected?

If you're affected by the CVE-2024-1965 vulnerability, it's important to take action to protect your systems. Unfortunately, specific steps to mitigate this vulnerability are not available in the provided sources. Keep an eye out for updates from Haivision and consider consulting with a cybersecurity expert for guidance on securing your systems.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-1965 vulnerability, also known as Server-Side Request Forgery in Haivision's Aviwest Manager and Aviwest Streamhub, is not listed in CISA's Known Exploited Vulnerabilities Catalog.

CVE-2024-1965 Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-918, a Server-Side Request Forgery issue in Haivision's Aviwest Manager and Aviwest Streamhub.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or refer to the sources below.

• INCIBE-CERT: Server-Side Request Forgery Vulnerability in Haivision Products