CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2938

Hanvon FaceID before 1.007.110 does not require authentication, which allows remote attackers to modify access-control and attendance-tracking data via API commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.6%

CVSS Severity

CVSS v2 Score 8.3

References

http://www.kb.cert.org/vuls/id/767044
http://www.kb.cert.org/vuls/id/767044

Products affected by CVE-2014-2938

Hanon » Faceid » Version: f710

cpe:2.3:h:hanon:faceid:f710
Hanon » Faceid » Version: f810

cpe:2.3:h:hanon:faceid:f810
Hanon » Faceid » Version: fa007

cpe:2.3:h:hanon:faceid:fa007
Hanon » Faceid » Version: fk800

cpe:2.3:h:hanon:faceid:fk800
Hanon » Faceid F710 Firmware » Version: 1.007.109

cpe:2.3:o:hanon:faceid_f710_firmware:1.007.109
Hanon » Faceid F810 Firmware » Version: Any

cpe:2.3:o:hanon:faceid_f810_firmware:*
Hanon » Faceid Fa007 Firmware » Version: Any

cpe:2.3:o:hanon:faceid_fa007_firmware:*
Hanon » Faceid Fk800 Firmware » Version: Any

cpe:2.3:o:hanon:faceid_fk800_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2938

Products

Pricing

Contact Us