CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ivanti: >> Secure Access Client >> 22.5 Security Vulnerabilities

CVE-2023-38041

A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.

CVSS Score

7.8

EPSS Score

0.003

Published

2023-10-25

Page 2

Vulnerabilities

Vulnerable Software

Ivanti: >> Secure Access Client >> 22.5 Security Vulnerabilities

Products

Pricing

Contact Us