nvd-json-data-feeds/CVE-2018/CVE-2018-174xx/CVE-2018-17491.json

{
  "id": "CVE-2018-17491",
  "sourceIdentifier": "psirt@us.ibm.com",
  "published": "2019-03-21T16:00:25.420",
  "lastModified": "2020-08-24T17:37:01.140",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By visiting the kiosk and typing \"esc\" to exit the program, an attacker could exploit this vulnerability to perform unauthorized actions on the computer."
    },
    {
      "lang": "es",
      "value": "EasyLobby Solo podr\u00eda permitir que un atacante local obtenga privilegios elevados en el sistema. Al visitar el quiosco y escribir \"esc\" para salir del programa, un atacante podr\u00eda explotar esta vulnerabilidad para realizar acciones no autorizadas en el ordenador."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      },
      {
        "source": "psirt@us.ibm.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:hidglobal:easylobby_solo:11.0.4563:*:*:*:*:*:*:*",
              "matchCriteriaId": "716C15DA-BA8A-4DC2-ADD5-4DC048115EA6"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/149651",
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    }
  ]
}