mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-19 17:32:41 +00:00
67 lines
2.1 KiB
JSON
67 lines
2.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "vulnreport@tenable.com",
|
|
"ID": "CVE-2019-3906",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Premisys Identicard 3.1.190",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "Premisys Identicard 3.1.190"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-798 Hard-coded Credentials"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://www.tenable.com/security/research/tra-2019-01",
|
|
"refsource": "MISC",
|
|
"url": "https://www.tenable.com/security/research/tra-2019-01"
|
|
},
|
|
{
|
|
"name": "106552",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/106552"
|
|
}
|
|
]
|
|
}
|
|
} |