2 matches found
CVE-2024-9167
CVE-2024-9167 concerns Ivanti Velocity License Server prior to version 5.2, where insecure file/permission handling allows a locally authenticated attacker to escalate privileges. The underlying issue is insecure permissions that fail to enforce proper access controls, enabling a LOCAL, LOW-COMPL...
Security Advisory Velocity License Server (CVE-2024-9167)
Summary Ivanti has released updates for the Velocity License Server which addresses a high-severity vulnerability. Successful exploitation could lead to local privilege escalation. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...