CVE-2017-14124

In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.3 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
unicon-softwarerp
𝑥
≤ 5.5.0
unicon-softwarerp
𝑥
≤ 5.6.0
unicon-softwarerp
4.0.1
unicon-softwarerp
4.2
unicon-softwarerp
4.4.0
unicon-softwarerp
4.5.0
unicon-softwarerp
4.6.0
unicon-softwarerp
4.7.0
unicon-softwarerp
4.7.1
unicon-softwarerp
4.8.0
unicon-softwarerp
4.9.0
unicon-softwarerp
4.10.0
unicon-softwarerp
4.11.0
unicon-softwarerp
4.11.1
unicon-softwarerp
4.11.3
unicon-softwarerp
4.11.5
unicon-softwarerp
5.0.0
unicon-softwarerp
5.1.0
unicon-softwarerp
5.2.0
unicon-softwarerp
5.3.0
unicon-softwarerp
5.4.0
unicon-softwarerp
5.4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124
https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124