Security Advisory

CVE-2019-25279

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-07 23:10:00

Last updated 2026-01-16 18:59:58

Assigner VulnCheck

State PUBLISHED

Description

FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the devices SQLite database. Attackers can directly read sensitive login information stored in /faceGuard/database/FaceSentryWeb.sqlite without additional authentication.

← Browse all CVEs View on cve.org ↗