CVE-2019-12376

4.5MEDIUM

Key Information:

Vendor
Ivanti
Status
Landesk Management Suite
Vendor
CVE Published:
3 June 2019

Summary

Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user with read privileges.

References

https://www.gnzlabs.io/gnzlabs-blog/landesk-management-se...
x_refsource_MISC

CVSS V3.1

Score:
4.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.