Authentication flaw

2019-04-0517:29:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context.

CPENameOperatorVersion
workspace_controllt10.3.90.0

CPE	Name	Operator	Version
	workspace_control	lt	10.3.90.0

References

packetstormsecurity.com/files/156792/Ivanti-Workspace-Manager-Security-Bypass.html

community.ivanti.com/docs/DOC-74552