Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Secom Subscribe
Filtered by product Dr.id Attendance System

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-3934 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2022-01-01 7.5 HIGH 9.8 CRITICAL
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command.
CVE-2020-3933 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2022-01-01 5.0 MEDIUM 5.3 MEDIUM
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.
CVE-2020-3935 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2021-12-22 5.0 MEDIUM 7.5 HIGH
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.