CVE-2018-17495 Vulnerability Details

  /     /     /  

CVE-2018-17495 Metadata Quick Info

CVE Published: 19/03/2019 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: ibm | Vendor: VisitorPass | Product: eVisitorPass
Status : PUBLISHED

---

CVE-2018-17495 Description

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prompt.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Gain Privileges
Source: VisitorPass

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).