Zkbio Cvsecurity Security Vulnerabilities and Issues — Zkbio Cvsecurity CVE List

Lucene search

ZktecoZkbio Cvsecurity

2 matches found

CVE•added 2024/05/30 6:15 p.m.•65 views

CVE-2024-35433

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user.

8.1CVSS6.6AI score0.00095EPSS

CVE•added 2024/05/30 4:15 p.m.•23 views

CVE-2024-35430

In ZKTeco ZKBio CVSecurity v6.1.1_R and earlier (fixed in 6.1.3_R) an authenticated user can bypass password checks while exporting data from the application.

8.1CVSS6.5AI score0.00068EPSS