Product:

Secure_access_client

(Ivanti)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 6
Date Id Summary Products Score Patch Annotated
2023-11-15 CVE-2023-38043 A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full compromise of the system. Secure_access_client 7.8
2023-11-15 CVE-2023-38543 A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine. Secure_access_client 7.8
2023-11-15 CVE-2023-35080 A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. Secure_access_client 7.8
2023-11-15 CVE-2023-38544 A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system. Secure_access_client 5.5
2023-11-15 CVE-2023-41718 When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file. Secure_access_client 7.8
2023-10-25 CVE-2023-38041 A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. Secure_access_client 7.0