CVE-2019-13525

Summary

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.

Affected Software

VendorProductVersion RangeStatus
n/aHoneywell IP-AK2IP-AK2 Access Control Panel Version 1.04.07 and prioraffected

Weaknesses

  • CWE-306: MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306

ADP Enrichment

CVE Program Container

Additional References

References