Vulnerability in Hid Global Safe

CVE-2023-2904

The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). An attacker could log in using account credentials available…

EPSS: 0.001 (30.7th percentile) — read the EPSS interpretation.

Affected products

Hid Global Safe — versions 5.8.0

Weakness classification (CWE)

CWE-471 — Modification of Assumed-Immutable Data (MAID)

References

www.cisa.gov/news-events/ics-advisories/icsa-23-152-02 (government-resource)