PT-2019-12776 · Anviz · Anviz Access Control Devices

Pedro Rodrigues

Publicado

2019-12-02

Atualizado

2020-08-24

CVE-2019-12388

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Anviz access control devices (affected versions not specified)

Description The issue concerns the cleartext transmission of sensitive information, including passwords, pins, and names, when Anviz access control devices respond to queries on port tcp/5010.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2019-12388

Produtos afetados

Anviz Access Control Devices

PT-2019-12776 · Anviz · Anviz Access Control Devices

CVE-2019-12388

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3