Detections
Analytics

ONVIF Camera Snapshot

info Nessus Plugin ID 103867

Language:

Synopsis

The remote service allows unauthenticated users to view camera snapshots

Description

Nessus was able to acquire a snapshot from the remote camera using the GetProfiles and GetSnapshotUri ONVIF requests.

Solution

Enable authentication or IP filtering if possible. Disable ONVIF if it isn't in use.

See Also

https://www.onvif.org/

Plugin Details

Severity: Info

ID: 103867

File Name: onvif_get_snapshot.nasl

Version: Revision: 1.3

Type: remote

Family: Misc.

Published: 10/17/2017

Updated: 11/15/2017

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: onvif/present