exploitDog

CVE-2019-17066

Опубликовано: 18 мая 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*

Версия до 10.4.40.0 (исключая)

EPSS

Процентиль: 31%

0.00117

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-g5hw-7f7p-926r

github

больше 3 лет назад

In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.

EPSS

Процентиль: 31%

0.00117

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-269