Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its original value. Also, CVE-2018-15591 exploitation can consequently be achieved by using PowerGrid with the /SEE parameter to execute the arbitrary command specified in the XML file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ivanti Workspace Control 安全漏洞
Vulnerability Description
Ivanti Workspace Control(RES One Workspace)是美国Ivanti公司的一套工作区控制软件。该软件包括用户管理、应用管理和报告管理等功能。 Ivanti Workspace Control 10.3.110.0版本中存在安全漏洞。攻击者可通过重命名PowerGrid所使用的WMTemp文件夹利用该漏洞绕过FileGuard保护并创建恶意的PowerGrid XML文件。
CVSS Information
N/A
Vulnerability Type
N/A