AI Score
Confidence
Low
EPSS
Percentile
9.4%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component.
[
{
"cpes": [
"cpe:2.3:a:zkteco:zktime_web:3.0:*:*:*:*:*:*:*"
],
"vendor": "zkteco",
"product": "zktime_web",
"versions": [
{
"status": "affected",
"version": "3.0"
}
],
"defaultStatus": "unknown"
}
]