mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
84 lines
2.5 KiB
JSON
84 lines
2.5 KiB
JSON
{
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Lobby Track Desktop",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "8.2.186"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Jolly Technologies"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"impact": {
|
|
"cvssv3": {
|
|
"TM": {
|
|
"RC": "R",
|
|
"RL": "U",
|
|
"E": "U"
|
|
},
|
|
"BM": {
|
|
"C": "N",
|
|
"AC": "H",
|
|
"SCORE": "2.900",
|
|
"I": "L",
|
|
"AV": "L",
|
|
"PR": "N",
|
|
"A": "N",
|
|
"UI": "N",
|
|
"S": "U"
|
|
}
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@us.ibm.com",
|
|
"DATE_PUBLIC": "2019-03-04T00:00:00",
|
|
"STATE": "PUBLIC",
|
|
"ID": "CVE-2018-17486"
|
|
},
|
|
"data_type": "CVE",
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"value": "Bypass Security",
|
|
"lang": "eng"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"value": "Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.",
|
|
"lang": "eng"
|
|
}
|
|
]
|
|
},
|
|
"data_version": "4.0",
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"title": "X-Force Vulnerability Report",
|
|
"name": "lobby-track-cve201817486-sec-bypass (149646)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/149646"
|
|
}
|
|
]
|
|
}
|
|
} |