Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  >> Workspace Control  >> 10.2.600.1  Security Vulnerabilities
CVE-2025-5353
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-06-10
CVE-2025-22455
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-06-10
CVE-2025-22463
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-06-10
CVE-2024-44106
Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-09-10
CVE-2024-44107
DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-09-10
CVE-2024-8012
An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-09-10
CVE-2024-44103
DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-09-10
CVE-2024-44104
An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-09-10
CVE-2024-44105
Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to obtain OS credentials.
CVSS Score
8.2
EPSS Score
0.0
Published
2024-09-10
CVE-2022-21823
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved