CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material). • https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its original value. Also, CVE-2018-15591 exploitation can consequently be achieved by using PowerGrid with the /SEE parameter to execute the arbitrary command specified in the XML file. • https://forums.ivanti.com/s/article/Security-Alert-Ivanti-Workspace-Control-September-2019 https://twitter.com/jmoosdijk •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

In Ivanti Workspace Control before 10.3.180.0, a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked. • https://forums.ivanti.com/s/article/Locally-authenticated-user-can-bypass-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector • CWE-276: Incorrect Default Permissions •

CVSS: 9.8 • EPSS: 1% • CPEs: 3 • EXPL: 0

An issue was discovered in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x before 2018.3 SU3, with remote code execution. In other words, the issue affects 2017.3, 2018.1, and 2018.3 installations that lack the April 2019 update. • https://forums.ivanti.com/s/article/Security-Alert-Ivanti-Endpoint-Manager-April-2019 •

CVSS: 7.8 • EPSS: 97% • CPEs: 91 • EXPL: 0

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. • http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en http://www.openwall.com/lists/oss-security/2019/06/20/3 http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss&# • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •