Lucene search
K
CapmonAccess Manager

5 matches found

CVE
CVE
added 2019/03/15 3:0 p.m.45 views

CVE-2018-18255

CVE-2018-18255 affects CapMon Access Manager 5.4.1.1005. The issue involves named-pipe communication between client applications and AccessManagerCoreService.exe, where a user can initiate interaction by creating a named pipe and sending commands to achieve elevated privileges. The CVE is documen...

7.8CVSS7.6AI score0.0041EPSS
CVE
CVE
added 2019/03/15 3:0 p.m.39 views

CVE-2018-18256

CapMon Access Manager 5.4.1.1005 has a local privilege escalation: a regular user can obtain local administrator privileges by running any whitelisted application via the Custom App Launcher. The connected documents confirm the affected product/version and the impact (privilege escalation to admi...

7.8CVSS7.5AI score0.0041EPSS
CVE
CVE
added 2019/03/15 3:0 p.m.38 views

CVE-2018-18253

CapMon Access Manager 5.4.1.1005 is affected. The issue centers on CALRunElevated.exe: it temporarily adds an unprivileged user to the local Administrators group to run a single command, but if the command crashes the user may remain in the Administrators group, and a race condition exists in all...

7CVSS7AI score0.00299EPSS
CVE
CVE
added 2019/03/15 3:0 p.m.36 views

CVE-2018-18254

CVE-2018-18254 affects CapMon Access Manager 5.4.1.1005. An unprivileged user can read the CAL (Custom App Launcher) database table cal_whitelist, enabling potential privilege escalation by placing a Trojan horse program at an app pathname. Root cause is access to sensitive CAL data leading to el...

7.8CVSS7.6AI score0.0039EPSS
CVE
CVE
added 2019/03/15 3:0 p.m.34 views

CVE-2018-18252

CVE-2018-18252 affects CapMon Access Manager 5.4.1.1005. The CALRunElevated.exe component allows an unprivileged user to obtain NT AUTHORITY\SYSTEM privileges via the --system option, constituting a local privilege escalation. The vulnerability is documented in NVD/CNVD records with CVSSv2/v3 bas...

7.8CVSS7.5AI score0.00432EPSS