CVE-2019-3906

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.

Published : 2019-01-18 18:29 Updated : 2019-10-09 23:49

9.0
CVSS Score More info
Score 9.0 / 10
9.0
Vendor Product Version URI
Identicard Premisys Id 3.1.190 cpe:/a:identicard:premisys_id:3.1.190
  1. Identicard (1) Search CVE
    1. Premisys Id (1) Search CVE
      1. 3.1.190

CWE

ID Name Description Links
CWE-798 Use of Hard-coded Credentials The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. CVE

History of changes

Date Event
2019-01-25 15:31
2019-01-19 11:29
2019-01-18 18:29

New CVE