Описание
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.
Уязвимые конфигурации
Конфигурация 1Версия до 2021.1.1 (исключая)
Одно из
cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:endpoint_manager:2021.1.1:-:*:*:*:*:*:*
cpe:2.3:a:ivanti:endpoint_manager:2021.1.1:su1:*:*:*:*:*:*
cpe:2.3:a:ivanti:endpoint_manager:2021.1.1:su2:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00131
Низкий
6.7 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-269
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.
EPSS
Процентиль: 33%
0.00131
Низкий
6.7 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-269