CVE-2022-21823

5.5MEDIUM

Key Information:

Vendor: Ivanti
Status: Ivanti Workspace Control
Vendor: CVE Published:; 10 January 2022

Summary

A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.

Affected Version(s)

Ivanti Workspace Control 2021.2 (10.7.30.0)

References

https://forums.ivanti.com/s/article/A-locally-authenticat...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Dec 10, 2021

Collectors

NVD DatabaseMitre Database