| |
Vulnerability CVE-2017-14124
Published: 2017-09-13
| Description: |
In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions. |
Type:
CWE-269 (Improper Privilege Management)
CVSS2 => (AV:L/AC:M/Au:N/C:P/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.3/10 |
4.9/10 |
3.4/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
None |
References: |
https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
