Unprivileged User Privilege Escalation via CAL Database in CapMon Access Manager 5.4.1.1005
CVE-2018-18254 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse program at an app pathname.
Learn more about our User Device Pen Test.