← Back

Access Manager

access_manager

Vendor: Capmon • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18256
1Capmon
1Access Manager
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An issue was discovered in CapMon Access Manager 5.4.1.1005. A regular user can obtain local administrator privileges if they run any whitelisted application through the Custom App Launcher.
CVE-2018-18255
1Capmon
1Access Manager
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by...Show more
An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges.Show less
CVE-2018-18254
1Capmon
1Access Manager
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse prog...Show more
An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse program at an app pathname.Show less
CVE-2018-18253
1Capmon
1Access Manager
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.0 HIGH· v3
6.9 MEDIUM· v2
An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunElevated.exe attempts to enforce access control by adding an unprivileged user to the local Administrators group for a very short time to execute a singl...Show more
An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunElevated.exe attempts to enforce access control by adding an unprivileged user to the local Administrators group for a very short time to execute a single command. However, the user is left in that group if the command crashes, and there is also a race condition in all cases.Show less
CVE-2018-18252
1Capmon
1Access Manager
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunElevated.exe provides "NT AUTHORITY\SYSTEM" access to unprivileged users via the --system option.