CVE-2018-17489

EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the storing of the social security number in plaintext. By visiting the kiosk and viewing the Visitor table of the database, an attacker could exploit this vulnerability to view stored social security numbers.
References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/149649 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/149649 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:hidglobal:easylobby_solo:11.0.4563:*:*:*:*:*:*:*

History

21 Nov 2024, 03:54

Type Values Removed Values Added
CVSS v2 : 2.1
v3 : 5.5
v2 : 2.1
v3 : 2.9
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/149649 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/149649 - Third Party Advisory, VDB Entry

Information

Published : 2019-03-21 16:00

Updated : 2024-11-21 03:54


NVD link : CVE-2018-17489

Mitre link : CVE-2018-17489

CVE.ORG link : CVE-2018-17489


JSON object : View

Products Affected

hidglobal

  • easylobby_solo
CWE
CWE-312

Cleartext Storage of Sensitive Information