N/A

An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse program at an app pathname.

N/A

N/A

CapMon Access Manager 权限许可和访问控制漏洞

CapMon Access Manager是丹麦CapMon公司的一套访问管理软件。该软件支持应用程序白名单/黑名单、审计日志等功能。 CapMon Access Manager 5.4.1.1005版本中存在安全漏洞。攻击者可通过放置恶意程序利用该漏洞读取Custom App Launcher (CAL)数据库中的cal_whitelist表单并获取权限。

N/A

N/A