CVE-2019-10885

CVE Database · CVE-2019-10885

CVE-2019-10885

· N/AModified

CVSS v3.1

N/A

EPSS

1.04%

Published

Apr 5, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context.

Weaknesses (CWE)

CWE-264

Affected Products (1)

ivanti · workspace_control (up to 10.3.90.0)vulnerable

References (4)

http://packetstormsecurity.com/files/156792/Ivanti-Workspace-Manager-Security-Bypass.html

https://community.ivanti.com/docs/DOC-74552

Vendor Advisory

http://packetstormsecurity.com/files/156792/Ivanti-Workspace-Manager-Security-Bypass.html

https://community.ivanti.com/docs/DOC-74552

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs