Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Secure_access_client
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-11-13 | CVE-2024-38654 | Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service. | Secure_access_client | N/A | ||
| 2024-05-31 | CVE-2023-38042 | A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. | Secure_access_client | N/A | ||
| 2024-05-31 | CVE-2023-46810 | A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root. | Secure_access_client | N/A | ||
| 2023-10-25 | CVE-2023-38041 | A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. | Secure_access_client | 7.0 | ||
| 2025-02-11 | CVE-2024-13813 | Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files. | Secure_access_client | 7.1 | ||
| 2024-11-12 | CVE-2024-7571 | Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | Secure_access_client | 7.8 | ||
| 2024-11-12 | CVE-2024-8539 | Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. | Secure_access_client | 7.1 | ||
| 2024-11-12 | CVE-2024-9842 | Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders. | Secure_access_client | 3.3 | ||
| 2024-11-12 | CVE-2024-9843 | A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service. | Secure_access_client | 5.5 | ||
| 2023-11-15 | CVE-2023-35080 | A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. | Secure_access_client | 7.8 |