CVE-2018-17482

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. By visiting the kiosk and clicking on reports, an attacker could exploit this vulnerability to gain access to all visitor records and obtain sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AC:L/C:L/I:N/AV:L/PR:N/A:N/UI:N/S:U/RC:R/E:U/RL:U
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
jollytechlobby_track
8.2.186
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/149642
https://exchange.xforce.ibmcloud.com/vulnerabilities/149642