Lucene search

IbmCVELIST:CVE-2018-17486

HistoryMar 19, 2019 - 7:47 p.m.

CVE-2018-17486

2019-03-1919:47:41

ibm

www.cve.org

CVSS3

2.9

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:R

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.

CNA Affected

[
  {
    "product": "Lobby Track Desktop",
    "vendor": "Jolly Technologies",
    "versions": [
      {
        "status": "affected",
        "version": "8.2.186"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/149646

CVSS3

2.9

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:R

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2018-17486