CVE-2018-17484

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Sample Database.mdb database while in kiosk mode. By using attack vectors outlined in kiosk breakout, an attacker could exploit this vulnerability to view and edit the database.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
ibmCNA
4 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.0/I:L/AV:L/A:N/PR:N/UI:N/S:U/AC:H/C:L/RC:R/E:U/RL:U
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
jollytechlobby_track
8.2.186
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/149644
https://exchange.xforce.ibmcloud.com/vulnerabilities/149644