CVE-2024-37364

MEDIUM Year: 2024
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows physically proximate attackers to obtain sensitive information (such as hotel invoice content with PII), and potentially create unauthorized room keys, by entering a guest-search quote character and then accessing the underlying Windows OS.

Related Vulnerabilities

CVE-2018-4478

MEDIUM
CVSS:6.8(Medium)

A validation issue was addressed with improved logic. This issue is fixed in macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan. An attacker with physical ...

CWE-2692018

CVE-2019-3588

MEDIUM
CVSS:6.8(Medium)

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan ...

CWE-2692019

CVE-2020-15797

MEDIUM
CVSS:6.8(Medium)

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-202...

CWE-2692020

CVE-2020-5916

MEDIUM
CVSS:6.8(Medium)

In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate Administrator user role and higher privileged roles can perform arbitrary file reads outside of the web root directory.

CWE-2692020