Local Privilege Escalation Vulnerability in Ivanti Workspace Control and RES One Workspace
CVE-2018-15592

7.8HIGH

Key Information:

Vendor
Ivanti
Status
Workspace Control
Vendor
CVE Published:
15 October 2018

Summary

An identified vulnerability in Ivanti Workspace Control versions preceding 10.3.10.0 allows a local authenticated user to execute processes with elevated privileges through an unspecified attack vector. This issue can potentially lead to unauthorized access and manipulation of system resources, demanding immediate attention and corrective measures to secure vulnerable instances.

References

https://community.ivanti.com/docs/DOC-69692
x_refsource_CONFIRM
http://packetstormsecurity.com/files/149615/Ivanti-Worksp...
x_refsource_MISC
https://seclists.org/bugtraq/2018/Oct/7
mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.