CVE-2020-17473

2020-08-1419:12:48

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.9%

JSON

Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.

References

www.trendmicro.com/vinfo/us/threat-encyclopedia/vulnerability/8131/zkteco-facedepot-7b-10213-and-zkbiosecurity-server-10020190723-long-lasting-token-vulnerability