Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用候选路径或通道进行的认证绕过
Vulnerability Title
Ivanti Workspace Control 安全漏洞
Vulnerability Description
Ivanti Workspace Control(RES One Workspace)是美国Ivanti公司的一套工作区控制软件。该软件包括用户管理、应用管理和报告管理等功能。 Ivanti Workspace Control 10.18.0.0 版本之前存在安全漏洞,该漏洞源于消息代理服务中包含一个身份验证绕过漏洞。本地经过身份验证的攻击者利用该漏洞可以升级其权限。
CVSS Information
N/A
Vulnerability Type
N/A