Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.
References
Configurations
History
21 Nov 2024, 05:08
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.trendmicro.com/vinfo/us/threat-encyclopedia/vulnerability/8131/zkteco-facedepot-7b-10213-and-zkbiosecurity-server-10020190723-long-lasting-token-vulnerability - Third Party Advisory |
Information
Published : 2020-08-14 20:15
Updated : 2024-11-21 05:08
NVD link : CVE-2020-17473
Mitre link : CVE-2020-17473
CVE.ORG link : CVE-2020-17473
JSON object : View
Products Affected
zkteco
- facedepot_7b_firmware
- zkbiosecurity_server
- facedepot_7b
CWE
CWE-613
Insufficient Session Expiration