Lucene search
+L

32 matches found

CNVD
CNVD
added 2019/03/20 12:0 a.m.6 views

eVisitorPass elevation of privilege vulnerability (CNVD-2019-08629)

Threshold eVisitorPass is a visitor management system from Threshold Canada. A power-up vulnerability exists in Threshold eVisitorPass version 1.5.5.2. A local attacker can exploit the vulnerability to launch a command window...

8.4CVSS6.8AI score0.00384EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/20 12:0 a.m.6 views

eVisitorPass Default Management Credentials Vulnerability

Threshold eVisitorPass is a visitor management system from Threshold Canada. A security vulnerability exists in Threshold eVisitorPass version 1.5.5.2 that stems from the program's use of default administrative credentials. A local attacker could exploit the vulnerability to gain full access to t...

8.4CVSS6.8AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/19 7:47 p.m.23 views

CVE-2018-17493

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other...

8.4CVSS8.3AI score0.00384EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/19 7:47 p.m.23 views

CVE-2018-17497

eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application...

8.4CVSS8.5AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/19 7:47 p.m.30 views

CVE-2018-17496

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the...

8.4CVSS8.3AI score0.00384EPSS
Exploits0References1
CVE
CVE
added 2019/03/19 7:47 p.m.46 views

CVE-2018-17496

CVE-2018-17496 affects the eVisitorPass kiosk application. The vulnerability stems from an error in kiosk mode that, when a user visits the kiosk and presses ctrl+shift+esc, allows opening the Task Manager to kill or launch processes, enabling local privilege escalation. The NVD description notes...

8.4CVSS7.6AI score0.00384EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/19 7:47 p.m.23 views

CVE-2018-17494

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other processes on the...

8.4CVSS8.3AI score0.00384EPSS
Exploits0References1
CVE
CVE
added 2019/03/19 7:47 p.m.53 views

CVE-2018-17495

CVE-2018-17495 affects eVisitorPass (visitor management system). The vulnerability arises from an error in the Virtual Keyboard Help Dialog, enabling a local attacker to gain elevated privileges. By visiting the kiosk and removing the program from fullscreen, an attacker can use the terminal to l...

8.4CVSS7.7AI score0.00384EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/03/19 7:47 p.m.47 views

CVE-2018-17493

CVE-2018-17493 is an eVisitorPass vulnerability (kiosk mode) where an error with the Fullscreen button allows a local attacker to gain elevated privileges. By visiting the kiosk and clicking the fullscreen control, an attacker could close the application and launch other processes on the system. ...

8.4CVSS7.6AI score0.00384EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/03/19 7:47 p.m.44 views

CVE-2018-17494

CVE-2018-17494 describes a local privilege-escalation in the eVisitorPass kiosk system involving the Virtual Keyboard Start Menu. According to the description, when a user visits the kiosk and presses the Windows key twice, an error in the Virtual Keyboard Start Menu could enable a local attacker...

8.4CVSS7.6AI score0.00384EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/03/19 7:47 p.m.43 views

CVE-2018-17497

CVE-2018-17497 affects eVisitorPass. It reports default administrative credentials that could let a local attacker gain full access to the application. CVSSv3.0 base score 7.8 (HIGH) with LOCAL access, low attack complexity, no user interaction, and HIGH confidentiality, integrity, and availabili...

8.4CVSS7.7AI score0.00383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/19 7:47 p.m.17 views

CVE-2018-17495

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prom...

8.4CVSS8.5AI score0.00384EPSS
Exploits0References1
Rows per page
Query Builder