ID CVE-2018-18865
Summary The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 (Release Date 2018-09-13) allow Credentials Disclosure.
References
Vulnerable Configurations
  • cpe:2.3:a:royalapplications:royal_ts:*:*:*:*:*:*:*:*
    cpe:2.3:a:royalapplications:royal_ts:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:a:royalapplications:royal_tsx:*:*:*:*:*:*:*:*
    cpe:2.3:a:royalapplications:royal_tsx:*:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 04-02-2019 - 13:48)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
refmap via4
exploit-db 45783
fulldisc
  • 20181102 Royal TS/X - Information Disclosure
  • 20181105 Re: Royal TS/X - Information Disclosure
misc http://packetstormsecurity.com/files/150136/Royal-TS-X-Information-Disclosure.html
Last major update 04-02-2019 - 13:48
Published 20-11-2018 - 19:29
Back to Top