CVE-2018-17494 Vulnerability Details

  /     /     /  

CVE-2018-17494 Metadata Quick Info

CVE Published: 19/03/2019 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: ibm | Vendor: VisitorPass | Product: eVisitorPass
Status : PUBLISHED

---

CVE-2018-17494 Description

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other processes on the system.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Gain Privileges
Source: VisitorPass

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).