Identicard Premisys Multiple Security Vulnerabilities
BID:106552
CVE-2019-3906 | CVE-2019-3907 | CVE-2019-3908 | CVE-2019-3909 |Info
Identicard Premisys Multiple Security Vulnerabilities
| Bugtraq ID: | 106552 |
| Class: | Design Error |
| CVE: |
CVE-2019-3906 CVE-2019-3907 CVE-2019-3908 CVE-2019-3909 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 14 2019 12:00AM |
| Updated: | Jan 14 2019 12:00AM |
| Credit: | Tenable |
| Vulnerable: |
IDenticard Systems PremiSys 3.1.190 |
| Not Vulnerable: | |
Discussion
Identicard Premisys Multiple Security Vulnerabilities
Identicard Premisys is prone to the following security vulnerabilities:
1. Multiple security bypass vulnerabilities
2. A weak-encryption security weakness
Attackers may exploit these issues to gain unauthorized access to the affected application, or to bypass certain security restrictions to perform unauthorized actions, and view encrypted data and obtain sensitive information.
Premisys 3.1.190 is vulnerable; other versions may also be affected.
Identicard Premisys is prone to the following security vulnerabilities:
1. Multiple security bypass vulnerabilities
2. A weak-encryption security weakness
Attackers may exploit these issues to gain unauthorized access to the affected application, or to bypass certain security restrictions to perform unauthorized actions, and view encrypted data and obtain sensitive information.
Premisys 3.1.190 is vulnerable; other versions may also be affected.
Exploit / POC
Identicard Premisys Multiple Security Vulnerabilities
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Identicard Premisys Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Identicard Premisys Multiple Security Vulnerabilities
References:
References:
- Premisys Product Page (IDenticard)
- [R1] Multiple Premisys Identicard Vulnerabilities (Tenable)
- Advisory (ICSA-19-031-02) IDenticard PremiSys (ICS CERT)