Vulnerabilities > CVE-2019-12375 - Files or Directories Accessible to External Parties vulnerability in Ivanti Landesk Management Suite 10.0.1.168

CVSS 6.3 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

LOW

low complexity

ivanti

CWE-552

NVD

Published: 2019-06-03

Updated: 2024-11-21

Summary

Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution.

Vulnerable Configurations

Part	Description	Count
Application	Ivanti Ivanti Landesk Management Suite 10.0.1.168	1

Common Weakness Enumeration (CWE)

CWE-552 - Files or Directories Accessible to External Parties

References

https://www.gnzlabs.io/gnzlabs-blog/landesk-management-server-open-directories/
https://www.gnzlabs.io/gnzlabs-blog/landesk-management-server-open-directories/