ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user.
Metrics
Affected Vendors & Products
References
History
Wed, 04 Sep 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-04T19:50:00.613Z
Reserved:
Link: CVE-2024-35433
Vulnrichment
Updated: 2024-08-02T03:14:52.611Z
NVD
Status : Awaiting Analysis
Published: 2024-05-30T18:15:09.520
Modified: 2024-09-04T20:35:18.400
Link: CVE-2024-35433
Redhat
No data.