Ivanti Workspace_control

22 CVEs affecting Ivanti Workspace_control. Latest disclosed: 2025-06-10. Critical: 1, High: 18.

Top CVEs affecting Ivanti Workspace_control
CVESeverityScorePublishedSummary
CVE-2019-16382Critical9.82020-03-19An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder u…
CVE-2025-5353High8.82025-06-10A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
CVE-2025-22455High8.82025-06-10A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
CVE-2024-44107High8.82024-09-10DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their p…
CVE-2024-44106High8.82024-09-10Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker…
CVE-2024-44104High8.82024-09-10An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 20…
CVE-2024-44103High8.82024-09-10DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their p…
CVE-2024-44105High8.22024-09-10Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authent…
CVE-2024-8496High7.82024-12-11Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local…
CVE-2024-8012High7.82024-09-10An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated atta…
CVE-2021-36235High7.82021-09-01An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by l…
CVE-2019-17066High7.82020-05-18In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.ex…
CVE-2019-19675High7.82019-12-17In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspec…
CVE-2019-10885High7.82019-04-05An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can…
CVE-2018-15593High7.82018-10-15An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or r…
CVE-2018-15592High7.82018-10-15An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can execute processes with elevated priv…
CVE-2018-15591High7.82018-10-15An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting rest…
CVE-2019-19138High7.52021-12-15Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity.
CVE-2025-22463High7.32025-06-10A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
CVE-2022-21823Medium5.52022-01-10A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally auth…