CVE-2019-16382
https://notcve.org/view.php?id=CVE-2019-16382
An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its original value. Also, CVE-2018-15591 exploitation can consequently be achieved by using PowerGrid with the /SEE parameter to execute the arbitrary command specified in the XML file. Se detectó un problema en Ivanti Workspace Control versión 10.3.110.0. • https://forums.ivanti.com/s/article/Security-Alert-Ivanti-Workspace-Control-September-2019 https://twitter.com/jmoosdijk •
CVE-2019-19675
https://notcve.org/view.php?id=CVE-2019-19675
In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked. En Ivanti Workspace Control versiones anteriores a 10.3.180.0. Un usuario autenticado localmente con privilegios bajos puede omitir a Managed Application Security mediante el aprovechamiento de un vector de ataque no especificado en Workspace Preferences, cuando está habilitado. Como resultado, el atacante puede iniciar aplicaciones que deberían estar bloqueadas. • https://forums.ivanti.com/s/article/Locally-authenticated-user-can-bypass-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector • CWE-276: Incorrect Default Permissions •
CVE-2019-10885 – Ivanti Workspace Manager Security Bypass
https://notcve.org/view.php?id=CVE-2019-10885
An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context. Se ha descubierto un problema en Ivanti Workspace Control en versiones anteriores a la 10.3.90.0. Los usuarios locales autenticados con bajos privilegios en una sesión gestionada de Workspace Control pueden omitir las funcionalidades de seguridad de Workspace Control configuradas para esta sesión restableciendo el contexto de la misma. Ivanti Workspace Manager versions prior to 10.3.90 suffer from a bypass vulnerability. • http://packetstormsecurity.com/files/156792/Ivanti-Workspace-Manager-Security-Bypass.html https://community.ivanti.com/docs/DOC-74552 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2018-15592
https://notcve.org/view.php?id=CVE-2018-15592
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can execute processes with elevated privileges via an unspecified attack vector. Se ha descubierto un problema en Ivanti Workspace Control en versiones anteriores a la 10.3.10.0 y RES One Workspace. Un usuario local autenticado puede ejecutar procesos con privilegios elevados mediante un vector de ataque sin especificar. • http://packetstormsecurity.com/files/149615/Ivanti-Workspace-Control-Named-Pipe-Privilege-Escalation.html http://seclists.org/fulldisclosure/2018/Oct/1 https://community.ivanti.com/docs/DOC-69692 https://seclists.org/bugtraq/2018/Oct/7 https://www.securify.nl/en/advisory/SFY20180802/ivanti-workspace-control-local-privilege-escalation-via-named-pipe.html • CWE-269: Improper Privilege Management •
CVE-2018-15591
https://notcve.org/view.php?id=CVE-2018-15591
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting restrictions to execute arbitrary code by leveraging multiple unspecified attack vectors. Se ha descubierto un problema en Ivanti Workspace Control en versiones anteriores a la 10.3.10.0 y RES One Workspace. Un usuario local autenticado puede omitir las restricciones de lista blanca de aplicaciones para ejecutar código arbitrario aprovechando múltiples vectores de ataque sin especificar. • http://packetstormsecurity.com/files/149614/Ivanti-Workspace-Control-Application-PowerGrid-SEE-Whitelist-Bypass.html http://seclists.org/fulldisclosure/2018/Oct/4 https://community.ivanti.com/docs/DOC-69684 https://seclists.org/bugtraq/2018/Oct/8 https://www.securify.nl/en/advisory/SFY20180806/ivanti-workspace-control-application-whitelist-bypass-via-powergrid-_see-command-line-argument.html • CWE-668: Exposure of Resource to Wrong Sphere •