CVE-2018-15809 Information

Description

AccuPOS 2017.8 is installed with the insecure \Authenticated Users: Modify\ permission for files within the installation path. This may allow local attackers to compromise the integrity of critical resource and executable files.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Reference

https://versprite.com/advisories/accupos/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

5.5