Vulnerabilities > Identicard > Premisys ID > 3.1.190

DATE CVE VULNERABILITY TITLE RISK
2019-01-18 CVE-2019-3909 Insecure Default Initialization of Resource vulnerability in Identicard Premisys ID 3.1.190
Premisys Identicard version 3.1.190 database uses default credentials.
network
low complexity
identicard CWE-1188
critical
 10.0
10
2019-01-18 CVE-2019-3908 Use of Hard-coded Credentials vulnerability in Identicard Premisys ID 3.1.190
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files.
network
low complexity
identicard CWE-798
7.5
7.5
2019-01-18 CVE-2019-3907 Use of Password Hash With Insufficient Computational Effort vulnerability in Identicard Premisys ID 3.1.190
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
network
low complexity
identicard CWE-916
5.0
5.0
2019-01-18 CVE-2019-3906 Use of Hard-coded Credentials vulnerability in Identicard Premisys ID 3.1.190
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003.
network
low complexity
identicard CWE-798
8.8
8.8