CVE-2017-5634

MEDIUM Year: 2017
CVSS v3 Score
6.6
Medium
CVSS v2 Score
7.2
High
Weakness Type
CWE-668
View all →

Vulnerability Description

The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog.

Related Vulnerabilities

CVE-2023-39478

MEDIUM
CVSS:6.6(Medium)

Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installatio...

CWE-6682023

CVE-2012-5639

MEDIUM
CVSS:6.5(Medium)

LibreOffice and OpenOffice automatically open embedded content

CWE-6682012

CVE-2018-20237

MEDIUM
CVSS:6.5(Medium)

Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.

CWE-6682018

CVE-2019-12875

MEDIUM
CVSS:6.5(Medium)

Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.

CWE-6682019

CVE-2019-4306

MEDIUM
CVSS:6.5(Medium)

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that re...

CWE-6682019

CVE-2020-12687

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve a...

CWE-6682020