Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106552 | Third Party Advisory VDB Entry |
https://www.tenable.com/security/research/tra-2019-01 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tenable
Published: 2019-01-18T18:00:00
Updated: 2019-01-19T10:57:02
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3906
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-01-18T18:29:00.247
Modified: 2022-12-03T14:45:52.753
Link: CVE-2019-3906
JSON object: View
Redhat Information
No data.
CWE