Loading
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.
Use CWE-200, Zkteco vendor hub and Zktime Web product page to widen CVE-2017-14680 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2017-17056, CVE-2017-13129 and CVE-2017-17057 for nearby disclosures in the same product family.