FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a challenge-response manner upon attempting to elevate privileges. The challenge's response uses a simple algorithm that can be easily emulated via data (customer ID and device name) available to all users, and thus any user can elevate to Administrator privilege.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-23T00:00:00
Updated: 2024-08-05T01:33:17.108Z
Reserved: 2019-10-05T00:00:00
Link: CVE-2019-17202
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-01-23T15:15:13.380
Modified: 2023-05-25T17:15:11.630
Link: CVE-2019-17202
Redhat
No data.