exploitDog

GHSA-93cj-p8xr-qghp

Опубликовано: 09 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.

Ссылки

EPSS

Процентиль: 45%

0.00221

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2022-30515

CVSS3: 5.3

nvd

около 3 лет назад

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.

EPSS

Процентиль: 45%

0.00221

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-306