CVE-2019-3908

EPSS 1.8%CWE-259

Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.

Produtos afetados

n/a · Premisys Identicard 3.1.190

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.tenable.com/security/research/tra-2019-01 http://www.securityfocus.com/bid/106552