Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Workspace_control
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-12-11 | CVE-2024-8496 | Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. | Workspace_control | 7.8 | ||
| 2021-09-01 | CVE-2021-36235 | An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges. | Workspace_control | 7.8 | ||
| 2022-01-10 | CVE-2022-21823 | A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector. | Workspace_control | 5.5 | ||
| 2024-09-10 | CVE-2024-44103 | DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | Workspace_control | 7.8 | ||
| 2024-09-10 | CVE-2024-44104 | An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | Workspace_control | 7.8 | ||
| 2024-09-10 | CVE-2024-44105 | Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to obtain OS credentials. | Workspace_control | 7.8 | ||
| 2024-09-10 | CVE-2024-44106 | Insufficient server-side controls in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | Workspace_control | 7.8 | ||
| 2024-09-10 | CVE-2024-44107 | DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution. | Workspace_control | 7.8 | ||
| 2024-09-10 | CVE-2024-8012 | An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | Workspace_control | 7.8 |