CVE-2018-17493 Vulnerability Details

  /     /     /  

CVE-2018-17493 Metadata Quick Info

CVE Published: 19/03/2019 | CVE Updated: 16/09/2024 | CVE Year: 2018
Source: ibm | Vendor: VisitorPass | Product: eVisitorPass
Status : PUBLISHED

---

CVE-2018-17493 Description

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other processes on the system.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Gain Privileges
Source: VisitorPass

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).