Lucene search
K

179 matches found

Cvelist
Cvelist
added 2025/06/10 2:39 p.m.12 views

CVE-2025-22463

A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password...

7.3CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/10 2:38 p.m.5 views

CVE-2025-22455

A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials...

8.8CVSS8.7AI score0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 2:38 p.m.12 views

CVE-2025-22455

A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials...

8.8CVSS0.00352EPSS
Exploits0References1
CVE
CVE
added 2025/06/10 2:38 p.m.65 views

CVE-2025-22455

Ivanti Workspace Control is affected by CVE-2025-22455 due to a hardcoded key that can allow a local authenticated attacker to decrypt stored SQL credentials. The vulnerability concerns versions before 10.19.0.0 (per initial CVE description) with broader remediation references indicating fixes fo...

8.8CVSS8.6AI score0.00352EPSS
Exploits0References1Affected Software1
Ivanti
Ivanti
added 2025/06/10 2:2 p.m.24 views

Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455)

Summary Ivanti has released updates for Ivanti Workspace Control which address three high severity vulnerabilities. Successful exploitation could lead to credential compromise. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

8.8CVSS8.7AI score0.00352EPSS
Exploits0
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.6 views

Ivanti Workspace Control 安全漏洞

Ivanti Workspace Control is a suite of workspace control software from Ivanti USA. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control versions prior to 10.19.10.0, which stems from a...

8.8CVSS7AI score0.00352EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.1 views

PT-2025-24665 · Ivanti · Ivanti Workspace Control

Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions prior to 10.19.10.0 Description: A hardcoded key in the software allows a local authenticated attacker to decrypt the stored environment password. This issue enables an attacker with local access to potential...

8.8CVSS8.9AI score0.00352EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.2 views

PT-2025-24664 · Ivanti · Ivanti Workspace Control

Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions prior to 10.19.0.0 Description: A hardcoded key in the software allows a local authenticated attacker to decrypt stored SQL credentials. Recommendations: For versions prior to 10.19.0.0, update to version...

8.8CVSS9.1AI score0.00352EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.4 views

PT-2025-24669 · Ivanti · Ivanti Workspace Control

Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions prior to 10.19.10.0 Description: A hardcoded key in the software allows a local authenticated attacker to decrypt stored SQL credentials. Recommendations: For versions prior to 10.19.10.0, update to version...

8.8CVSS9.1AI score0.00352EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.7 views

Ivanti Workspace Control 安全漏洞

Ivanti Workspace Control is a suite of workspace control software from Ivanti USA. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control versions prior to 10.19.10.0, which stems from a...

8.8CVSS6.4AI score0.00352EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

Ivanti Workspace Control 安全漏洞

Ivanti Workspace Control is a suite of workspace control software from Ivanti USA. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control prior to version 10.19.0.0, which stems from a...

8.8CVSS7AI score0.00352EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:21 a.m.10 views

CVE-2022-21823

A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control 2021.2 10.7.30.0 that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector...

5.5CVSS6.3AI score0.00349EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:57 p.m.10 views

CVE-2021-36235

An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges...

7.8CVSS6.8AI score0.00719EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.7 views

CVE-2020-11533

Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information keying material...

5.5CVSS5.2AI score0.00476EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:2 a.m.6 views

CVE-2019-19675

In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked...

7.8CVSS6.8AI score0.00466EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:25 a.m.10 views

CVE-2019-19138

Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity...

7.5CVSS6.9AI score0.02088EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 a.m.7 views

CVE-2019-10885

An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context...

7.8CVSS6.9AI score0.01043EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:28 a.m.10 views

CVE-2019-16382

An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its original value. Also,...

9.8CVSS7.3AI score0.02875EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:48 p.m.7 views

CVE-2024-44106

Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 10.19.0.0 allows a local authenticated attacker to escalate their privileges...

8.8CVSS8.5AI score0.00245EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:47 p.m.4 views

CVE-2024-44104

An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 10.19.0.0 allows a local authenticated attacker to escalate their privileges...

8.8CVSS8.6AI score0.00237EPSS
Exploits0References1
Rows per page
Query Builder