exploitDog

GHSA-95w6-qmmc-2w7r

Опубликовано: 08 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.4

Описание

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Ссылки

EPSS

Процентиль: 16%

0.00053

Низкий

8.4 High

CVSS3

CVE ID

Дефекты

CWE-257

Связанные уязвимости

CVE-2025-6995

CVSS3: 8.4

nvd

7 месяцев назад

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

EPSS

Процентиль: 16%

0.00053

Низкий

8.4 High

CVSS3

CVE ID

Дефекты

CWE-257