CVE-2021-36235
First published: Wed Sep 01 2021(Updated: )
An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Workspace Control | <10.6.30.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue in Ivanti Workspace Control?
The vulnerability ID of this issue in Ivanti Workspace Control is CVE-2021-36235.
What is the severity of CVE-2021-36235?
The severity of CVE-2021-36235 is high (7.8).
How does the vulnerability in Ivanti Workspace Control allow bypassing File and Folder Security?
The vulnerability in Ivanti Workspace Control allows a locally authenticated user with low privileges to bypass File and Folder Security by leveraging an unspecified attack vector.
What is the impact of the vulnerability in Ivanti Workspace Control?
The impact of the vulnerability in Ivanti Workspace Control is that an attacker with low privileges can start applications with elevated privileges.
Is there a fix for the vulnerability in Ivanti Workspace Control?
Yes, the fix for the vulnerability in Ivanti Workspace Control is to upgrade to version 10.6.30.0 or later.
- collector/nvd-index
- agent/type
- agent/event
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/ivanti
- canonical/ivanti workspace control