CVE-2023-38955

HIGH

ZKTeco BioAccess IVS <3.3.1 - Info Disclosure

Title source: llm

Description

ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names.

References (2)

Scores

CVSS v3 7.5
EPSS 0.0012
EPSS Percentile 30.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-668
Status published

Affected Products (1)

zkteco/bioaccess_ivs

Timeline

Published Aug 03, 2023
Tracked Since Feb 18, 2026