Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can’t control system or disrupt service.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-7335-d300a-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2023-08-28T04:12:44.854Z
Updated: 2024-08-02T17:23:28.093Z
Reserved: 2023-07-12T00:37:03.717Z
Link: CVE-2023-38028
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-28T05:15:07.667
Modified: 2023-08-29T23:47:08.563
Link: CVE-2023-38028
Redhat
No data.