VYPR

Workspace Control

by Ivanti

CVEs (10)

  • CVE-2025-5353Jun 10, 2025
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.

  • CVE-2025-22463Jun 10, 2025
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.

  • CVE-2025-22455Jun 10, 2025
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.

  • CVE-2024-8496Dec 11, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.

  • CVE-2024-44107Sep 10, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.

  • CVE-2024-44106Sep 10, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.01

    Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.

  • CVE-2024-44105Sep 10, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to obtain OS credentials.

  • CVE-2024-44104Sep 10, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.

  • CVE-2024-44103Sep 10, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.

  • CVE-2024-8012Sep 10, 2024
    Ivanti
    Workspace Control
    risk 0.00cvss epss 0.00

    An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.