CVE-2018-17493
8.4
CVSS:3.0/AC:L/C:H/I:H/AV:L/A:H/PR:N/UI:N/S:U/E:U/RL:O/RC:C
Summary
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other processes on the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VisitorPass | eVisitorPass | 1.5.5.2 | affected |
Weaknesses
- Gain Privileges
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.