Vulnerabilities > CVE-2023-38958 - Incorrect Authorization vulnerability in Zkteco Bioaccess IVS 3.3.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |