FaceSentry Access Control System 6.4.8 Authentication Credential Disclosure
Posted on 01 July 2019
FaceSentry Access Control System version 6.4.8 suffers from a cleartext transmission of sensitive information. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.
