CVE-2018-17489

EUVD-2018-9242
EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the storing of the social security number in plaintext. By visiting the kiosk and viewing the Visitor table of the database, an attacker could exploit this vulnerability to view stored social security numbers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.9 LOW
LOCAL
HIGH
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
ibmCNA
2.9 LOW
LOCAL
HIGH
NONE
CVSS:3.0/S:U/UI:N/I:N/A:N/PR:N/AV:L/C:L/AC:H/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
hidglobaleasylobby_solo
11.0.4563
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/149649
https://exchange.xforce.ibmcloud.com/vulnerabilities/149649