Product:

Workspace_control

(Ivanti)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 19
Date Id Summary Products Score Patch Annotated
2024-12-11 CVE-2024-8496 Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. Workspace_control 7.8
2021-09-01 CVE-2021-36235 An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges. Workspace_control 7.8
2022-01-10 CVE-2022-21823 A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector. Workspace_control 5.5
2024-09-10 CVE-2024-44103 DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. Workspace_control 7.8
2024-09-10 CVE-2024-44104 An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. Workspace_control 7.8
2024-09-10 CVE-2024-44105 Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to obtain OS credentials. Workspace_control 7.8
2024-09-10 CVE-2024-44106 Insufficient server-side controls in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. Workspace_control 7.8
2024-09-10 CVE-2024-44107 DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution. Workspace_control 7.8
2024-09-10 CVE-2024-8012 An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. Workspace_control 7.8
2021-12-15 CVE-2019-19138 Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity. Workspace_control 7.5