Vulnerabilities > Ivanti > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-22571 | Cross-site Scripting vulnerability in Ivanti Incapptic Connect An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions. | 3.5 |
| 2022-01-10 | CVE-2022-21823 | Insecure Storage of Sensitive Information vulnerability in Ivanti Workspace Control A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector. | 2.1 |
| 2020-11-16 | CVE-2020-13773 | Cross-site Scripting vulnerability in Ivanti Endpoint Manager Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx. | 3.5 |
| 2020-04-04 | CVE-2020-11533 | Information Exposure vulnerability in Ivanti Workspace Control Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material). | 2.1 |
| 2019-06-03 | CVE-2019-12373 | Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Landesk Management Suite 10.0.1.168 Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote disclosure of administrator passwords. | 2.7 |
| 2019-06-03 | CVE-2019-12376 | Use of Hard-coded Credentials vulnerability in Ivanti Landesk Management Suite 10.0.1.168 Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user with read privileges. | 2.7 |
| 2018-10-15 | CVE-2018-15590 | Unspecified vulnerability in Ivanti Workspace Control An issue was discovered in Ivanti Workspace Control before 10.3.0.0 and RES One Workspace, when file and folder security are configured. | 2.1 |
| 2018-10-15 | CVE-2018-15593 | Unspecified vulnerability in Ivanti Workspace Control An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. | 2.1 |
| 2018-06-29 | CVE-2018-8901 | Unspecified vulnerability in Ivanti Avalanche An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. | 2.1 |