cvelist/2018/17xxx/CVE-2018-17486.json

{
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Lobby Track Desktop",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "8.2.186"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Jolly Technologies"
                }
            ]
        }
    },
    "impact": {
        "cvssv3": {
            "TM": {
                "RC": "R",
                "RL": "U",
                "E": "U"
            },
            "BM": {
                "C": "N",
                "AC": "H",
                "SCORE": "2.900",
                "I": "L",
                "AV": "L",
                "PR": "N",
                "A": "N",
                "UI": "N",
                "S": "U"
            }
        }
    },
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "DATE_PUBLIC": "2019-03-04T00:00:00",
        "STATE": "PUBLIC",
        "ID": "CVE-2018-17486"
    },
    "data_type": "CVE",
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "value": "Bypass Security",
                        "lang": "eng"
                    }
                ]
            }
        ]
    },
    "description": {
        "description_data": [
            {
                "value": "Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.",
                "lang": "eng"
            }
        ]
    },
    "data_version": "4.0",
    "references": {
        "reference_data": [
            {
                "title": "X-Force Vulnerability Report",
                "name": "lobby-track-cve201817486-sec-bypass (149646)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/149646"
            }
        ]
    }
}
- Synchronized data. 2018-09-25 14:04:28 -04:00			`{`
"-Synchronized-Data." 2019-03-19 20:00:51 +00:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Lobby Track Desktop",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "8.2.186"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Jolly Technologies"`
			`}`
			`]`
			`}`
			`},`
			`"impact": {`
			`"cvssv3": {`
			`"TM": {`
			`"RC": "R",`
			`"RL": "U",`
			`"E": "U"`
			`},`
			`"BM": {`
			`"C": "N",`
			`"AC": "H",`
			`"SCORE": "2.900",`
			`"I": "L",`
			`"AV": "L",`
			`"PR": "N",`
			`"A": "N",`
			`"UI": "N",`
			`"S": "U"`
			`}`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ASSIGNER": "psirt@us.ibm.com",`
			`"DATE_PUBLIC": "2019-03-04T00:00:00",`
			`"STATE": "PUBLIC",`
			`"ID": "CVE-2018-17486"`
			`},`
			`"data_type": "CVE",`
			`"problemtype": {`
			`"problemtype_data": [`
IBM20190315-133420 Added CVE-2018-17500, CVE-2018-17482, CVE-2018-17495, CVE-2018-17493, CVE-2018-17490, CVE-2018-17489, CVE-2018-17484, CVE-2018-17486, CVE-2018-17497, CVE-2018-17491, CVE-2018-17485, CVE-2018-17488, CVE-2018-17492, CVE-2018-17483, CVE-2018-17502, CVE-2018-17499, CVE-2018-17494, CVE-2018-17487, CVE-2018-17496 2019-03-15 13:34:20 -04:00			`{`
"-Synchronized-Data." 2019-03-19 20:00:51 +00:00			`"description": [`
			`{`
			`"value": "Bypass Security",`
			`"lang": "eng"`
			`}`
			`]`
IBM20190315-133420 Added CVE-2018-17500, CVE-2018-17482, CVE-2018-17495, CVE-2018-17493, CVE-2018-17490, CVE-2018-17489, CVE-2018-17484, CVE-2018-17486, CVE-2018-17497, CVE-2018-17491, CVE-2018-17485, CVE-2018-17488, CVE-2018-17492, CVE-2018-17483, CVE-2018-17502, CVE-2018-17499, CVE-2018-17494, CVE-2018-17487, CVE-2018-17496 2019-03-15 13:34:20 -04:00			`}`
"-Synchronized-Data." 2019-03-19 20:00:51 +00:00			`]`
			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"value": "Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.",`
			`"lang": "eng"`
			`}`
			`]`
			`},`
			`"data_version": "4.0",`
			`"references": {`
			`"reference_data": [`
			`{`
			`"title": "X-Force Vulnerability Report",`
			`"name": "lobby-track-cve201817486-sec-bypass (149646)",`
			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/149646"`
			`}`
			`]`
			`}`
			`}`