PT-2019-15903 · Ivanti · Ivanti Workspace Control

Publicado

2019-12-17

Atualizado

2019-12-27

CVE-2019-19675

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ivanti Workspace Control versions prior to 10.3.180.0

Description A security issue allows a locally authenticated user with low privileges to bypass Managed Application Security. This is achieved by leveraging an unspecified attack vector in Workspace Preferences when it is enabled, allowing the attacker to start applications that should be blocked.

Recommendations For versions prior to 10.3.180.0, update to version 10.3.180.0 or later to resolve the issue.

Correção

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2019-19675

Produtos afetados

Ivanti Workspace Control

PT-2019-15903 · Ivanti · Ivanti Workspace Control

CVE-2019-19675

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3