本頁列出影響 capmon access_manager 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2018-18256 | An issue was discovered in CapMon Access Manager 5.4.1.1005. A regular user can obtain local administrator privileges if they run any whitelisted application through the Custom App Launcher. | [email protected] | 7.8 | 0.41% | 2019-03-15 | 2026-06-16 |
| CVE-2018-18255 | An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges. | [email protected] | 7.8 | 0.41% | 2019-03-15 | 2026-06-16 |
| CVE-2018-18254 | An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse program at an app pathname. | [email protected] | 7.8 | 0.39% | 2019-03-15 | 2026-06-16 |
| CVE-2018-18253 | An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunElevated.exe attempts to enforce access control by adding an unprivileged user to the local Administrators group for a very short time to execute a single command. However, the user is left in that group if the command crashes, and there is also a race condition in all cases. | [email protected] | 7.0 | 0.30% | 2019-03-15 | 2026-06-16 |
| CVE-2018-18252 | An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunElevated.exe provides "NT AUTHORITY\SYSTEM" access to unprivileged users via the --system option. | [email protected] | 7.8 | 0.43% | 2019-03-15 | 2026-06-16 |