Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ivanti Subscribe
Filtered by product Workspace Control

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19138 1 Ivanti 1 Workspace Control 2021-12-20 5.0 MEDIUM 7.5 HIGH
Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity.
CVE-2021-36235 1 Ivanti 1 Workspace Control 2021-09-08 4.6 MEDIUM 7.8 HIGH
An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges.
CVE-2019-17066 1 Ivanti 1 Workspace Control 2020-05-20 7.2 HIGH 7.8 HIGH
In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.
CVE-2019-10885 1 Ivanti 1 Workspace Control 2020-03-18 4.6 MEDIUM 7.8 HIGH
An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context.
CVE-2019-19675 1 Ivanti 1 Workspace Control 2019-12-27 4.4 MEDIUM 7.8 HIGH
In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked.
CVE-2018-15591 1 Ivanti 1 Workspace Control 2019-10-03 4.6 MEDIUM 7.8 HIGH
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting restrictions to execute arbitrary code by leveraging multiple unspecified attack vectors.
CVE-2018-15593 1 Ivanti 1 Workspace Control 2019-10-03 2.1 LOW 7.8 HIGH
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector.
CVE-2018-15592 1 Ivanti 1 Workspace Control 2019-10-03 4.6 MEDIUM 7.8 HIGH
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can execute processes with elevated privileges via an unspecified attack vector.