← back
CVE-2019-3906

CVE-2019-3906

EPSS 2.9%CWE-798
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.9%KEV nãoPoC Patch
Lifecycle
18 Jan 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
Affected products
n/a · Premisys Identicard 3.1.190

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.tenable.com/security/research/tra-2019-01http://www.securityfocus.com/bid/106552