1. CVE-Search
  2. CVE-2018-20146
ID CVE-2018-20146
Summary An issue was discovered in Liquidware ProfileUnity before 6.8.0 with Liquidware FlexApp before 6.8.0. A local user could obtain administrator rights, as demonstrated by use of PowerShell.
References
Vulnerable Configurations
  • cpe:2.3:a:liquidware:flexapp:5.5.1637:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.5.1637:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:5.5.1818:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.5.1818:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:5.5.2111:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.5.2111:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:5.6.2756:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.6.2756:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:5.7.5093:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.7.5093:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:5.7.5129:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.7.5129:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:5.7.5158:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:5.7.5158:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.0.5379:*:patch1:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.0.5379:*:patch1:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.0.5409:*:patch2:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.0.5409:*:patch2:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.1.5833:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.1.5833:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.2.5896:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.2.5896:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.8.6159:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.8.6159:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.9.6136:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.9.6136:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.10.6310:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.10.6310:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.5751:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.5751:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.6037:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.6037:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.6086:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.6086:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.5.6116:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.5.6116:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.7.0.6422:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.7.0.6422:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.7.5.6663:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.7.5.6663:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.7.6.6684:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.7.6.6684:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:flexapp:6.7.7.6701:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:flexapp:6.7.7.6701:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.5.1637:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.5.1637:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.5.1818:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.5.1818:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.5.2111:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.5.2111:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.6.2756:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.6.2756:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.7.5093:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.7.5093:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.7.5129:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.7.5129:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:5.7.5158:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:5.7.5158:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.1.5833:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.1.5833:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.2.5896:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.2.5896:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.8.6159:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.8.6159:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.9.6136:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.9.6136:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.10.6310:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.10.6310:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.5751:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.5751:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.6037:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.6037:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.6086:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.6086:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.5.6116:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.5.6116:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.7.0.6422:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.7.0.6422:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.7.5.6663:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.7.5.6663:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.7.6.6684:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.7.6.6684:*:*:*:*:*:*:*
  • cpe:2.3:a:liquidware:profileunity:6.7.7.6701:*:*:*:*:*:*:*
    cpe:2.3:a:liquidware:profileunity:6.7.7.6701:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
misc https://www.liquidware.com/content/pdf/documents/support/Liquidware-ProfileUnity-Release-Notes.pdf
Last major update 03-10-2019 - 00:03
Published 21-02-2019 - 03:29
Last modified 03-10-2019 - 00:03
Back to Top