Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
缺省权限不正确
Vulnerability Title
Ivanti Security Control 安全漏洞
Vulnerability Description
Ivanti Security Control是美国Ivanti公司的一个统一的 IT 管理平台。用于管理和保护基于 Windows 的计算机、基于 Linux 的计算机和 VMware ESXi 虚拟机监控程序。 Ivanti Security Controls 2024.4.1之前版本存在安全漏洞,该漏洞源于权限管理不当。攻击者利用该漏洞可以提升权限。
CVSS Information
N/A
Vulnerability Type
N/A