CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20040 – SICUNET Access Controller Password Storage cleartext storage
https://notcve.org/view.php?id=CVE-2017-20040
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as problematic. This vulnerability affects unknown code of the component Password Storage. The manipulation leads to weak encryption. Attacking locally is a requirement. • http://seclists.org/fulldisclosure/2017/Mar/25 https://vuldb.com/?id.98908 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20039 – SICUNET Access Controller hard-coded password
https://notcve.org/view.php?id=CVE-2017-20039
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to initiate the attack remotely. • http://seclists.org/fulldisclosure/2017/Mar/25 https://vuldb.com/?id.98907 • CWE-259: Use of Hard-coded Password CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20038 – SICUNET Access Controller card_scan_decoder.php privileges management
https://notcve.org/view.php?id=CVE-2017-20038
A vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file card_scan_decoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely. Se ha encontrado una vulnerabilidad en SICUNET Access Controller versión 0.32-05z y ha sido clasificada como crítica. • http://seclists.org/fulldisclosure/2017/Mar/25 https://vuldb.com/?id.98906 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20037 – SICUNET Access Controller privileges management
https://notcve.org/view.php?id=CVE-2017-20037
A vulnerability has been found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument c leads to privilege escalation. The attack can be launched remotely. Se ha encontrado una vulnerabilidad en SICUNET Access Controller versión 0.32-05z y ha sido clasificada como crítica. • http://seclists.org/fulldisclosure/2017/Mar/25 https://vuldb.com/?id.98905 • CWE-269: Improper Privilege Management •