4 matches found
CVE-2025-59102
The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...
CVE-2025-59102 Secrets Stored in Plaintext in Database in dormakaba access manager
The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...
CVE-2025-59102
The CVE-2025-59102 entry concerns the Access Manager web server’s backup-download functionality, which can expose the device’s entire configuration including unencrypted PINs and MIFARE keys. Connected Red Hat CVEs clarify the adjacent issues: CVE-2025-59101 allows an attacker to bypass session m...
PT-2026-4752
The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...