Vulnerabilities > Ivanti

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-30	CVE-2020-8217	Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed attackers to exploit in the URL used for Citrix ICA. network low complexity pulsesecure ivanti CWE-79	5.4
2020-07-30	CVE-2020-8216	An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID. network low complexity pulsesecure ivanti	4.3
2020-07-30	CVE-2020-8206	Improper Authentication vulnerability in multiple products An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP. network high complexity pulsesecure ivanti CWE-287	8.1
2020-07-30	CVE-2020-8204	Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page. network low complexity pulsesecure ivanti CWE-79	6.1
2020-07-27	CVE-2020-12880	An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. local low complexity pulsesecure ivanti	5.5
2020-05-18	CVE-2019-17066	Improper Privilege Management vulnerability in Ivanti Workspace Control In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. local low complexity ivanti CWE-269	7.8
2020-04-28	CVE-2020-12442	SQL Injection vulnerability in Ivanti Avalanche 6.3 Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250. network low complexity ivanti CWE-89 critical	9.8
2020-04-04	CVE-2020-11533	Unspecified vulnerability in Ivanti Workspace Control Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material). local low complexity ivanti	5.5
2020-03-19	CVE-2019-16382	Unspecified vulnerability in Ivanti Workspace Control 10.3.110.0 An issue was discovered in Ivanti Workspace Control 10.3.110.0. network low complexity ivanti critical	9.8
2019-12-17	CVE-2019-19675	Incorrect Default Permissions vulnerability in Ivanti Workspace Control In Ivanti Workspace Control before 10.3.180.0. local low complexity ivanti CWE-276	7.8

Vulnerabilities > Ivanti {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ivanti"}]}

Vulnerabilities > Ivanti