Описание
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector.
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-15593
- https://community.ivanti.com/docs/DOC-69693
- https://seclists.org/bugtraq/2018/Oct/5
- https://www.securify.nl/en/advisory/SFY20180804/stored-credentials-ivanti-workspace-control-can-be-retrieved-from-registry.html
- http://packetstormsecurity.com/files/149616/Ivanti-Workspace-Control-Registry-Stored-Credentials.html
- http://seclists.org/fulldisclosure/2018/Oct/3
Связанные уязвимости
CVSS3: 7.8
nvd
больше 7 лет назад
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector.