N/A

An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges.

N/A

N/A

CapMon Access Manager 授权问题漏洞

CapMon Access Manager是丹麦CapMon公司的一套访问管理软件。该软件支持应用程序白名单/黑名单、审计日志等功能。 CapMon Access Manager 5.4.1.1005版本中的AccessManagerCoreService.exe文件存在访问控制错误漏洞。攻击者可通过所创建的命名管道发送命令利用该漏洞获取提升的权限。

N/A

N/A