CVE-2019-3906

CVE-2019-3906

Vendor N/A
Product Premisys Identicard 3.1.190
Weakness CWE-798 · Hardcoded credentials
Published January 18, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.

Key dates

02Disclosure timeline

January 18, 2019 CVE published
August 4, 2024 Record updated