Описание
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 22.6 (исключая)
Одновременно
Одно из
cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:secure_access_client:22.6:r1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00192
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-770
Связанные уязвимости
CVSS3: 8.8
github
около 2 лет назад
When a specific component is loaded a local attacker and is able to send a specially crafted request to this component, the attacker could gain elevated privileges on the affected system.
EPSS
Процентиль: 41%
0.00192
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-770