Id:
CVE-2018-17488
Comment
:
Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and accessing the print badge screen, an attacker could exploit this vulnerability using the command line to break out of kiosk mode.
CVSSv2 Score:
4.6
Access vector:
|
LOCAL
|
Access complexity:
|
LOW
|
Authentication:
|
NONE
|
Confidentiality impact:
|
PARTIAL
|
Integrity impact:
|
PARTIAL
|
Availability impact:
|
PARTIAL
|
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSSv3 Score:
7.8
Attack vector:
|
LOCAL
|
Attack complexity:
|
LOW
|
Privileges required:
|
LOW
|
User interaction:
|
NONE
|
Scope:
|
UNCHANGED
|
Confidentiality impact:
|
HIGH
|
Integrity impact:
|
HIGH
|
Availability impact:
|
HIGH
|
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References: