PT-2018-16564 · Siemens · Rapidpoint 400+2

Published: 2018-06-26 · Updated: 2023-03-24 · CVE-2018-4845

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

RAPIDLab 1200 systems versions prior to V3.3
RAPIDPoint 400 systems all versions
RAPIDPoint 500 systems versions prior to V3.0
RAPIDPoint 500 systems version V2.4.X
RAPIDPoint 500 systems versions prior to V2.3

Description

A security issue has been identified that could allow remote attackers with local or remote credentialed access to the "Remote View" feature to elevate their privileges. This could compromise the confidentiality, integrity, and availability of the system. The attack does not require special skills or user interaction. At the time of publication, there were no known public exploitations of this issue.

Recommendations

For RAPIDLab 1200 systems versions prior to V3.3, update to version V3.3 or later.
For RAPIDPoint 400 systems all versions, consider disabling the "Remote View" feature until a patch is available.
For RAPIDPoint 500 systems versions prior to V3.0, update to version V3.0 or later.
For RAPIDPoint 500 systems version V2.4.X, consider restricting access to the "Remote View" feature until a patch is available.
For RAPIDPoint 500 systems versions prior to V2.3, update to version V2.3 or later.

Fix

Weakness Enumeration

Improper Access Control
Improper Privilege Management

Related Identifiers

CVE-2018-4845

Affected Products

Rapidlab 1200
Rapidpoint 400
Rapidpoint 500