Vulnerabilities (CVE)

Filtered by vendor Secom Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-3935	1 Secom	2 Dr.id Access Control, Dr.id Attendance System	2021-12-22	5.0 MEDIUM	7.5 HIGH
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.
CVE-2021-35962	1 Secom	2 Door Access Control, Personnel Attendance System	2021-08-02	5.0 MEDIUM	7.5 HIGH
Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission.