CVE-2024-44106

Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions 10.18.0.0 and below

Description: The issue is related to insufficient server-side controls in the management console of Ivanti Workspace Control, which can be exploited by a local authenticated attacker to escalate their privileges. This is due to the implementation of security functions on the client-side. The exploitation of this issue may allow an attacker to increase their privileges.

Recommendations: For Ivanti Workspace Control versions 10.18.0.0 and below, update to a version above 10.18.0.0 to resolve the issue. As a temporary workaround, consider restricting access to the management console to minimize the risk of exploitation.