RSS   Podatności dla 'Easylobby solo'   RSS

2019-03-21
 
CVE-2018-17492

CWE-798
 

 
EasyLobby Solo contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.

 
 
CVE-2018-17491

CWE-74
 

 
EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By visiting the kiosk and typing "esc" to exit the program, an attacker could exploit this vulnerability to perform unauthorized actions on the computer.

 
 
CVE-2018-17490

CWE-269
 

 
EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will.

 
 
CVE-2018-17489

CWE-312
 

 
EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the storing of the social security number in plaintext. By visiting the kiosk and viewing the Visitor table of the database, an attacker could exploit this vulnerability to view stored social security numbers.

 


Copyright 2024, cxsecurity.com

 

Back to Top