CVE-2018-6316

Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode.
References
Link Resource
https://community.ivanti.com/docs/DOC-65656 Permissions Required
https://community.ivanti.com/docs/DOC-65656 Permissions Required
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ivanti:endpoint_security:*:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:endpoint_security:8.5:update_1:*:*:*:*:*:*

History

21 Nov 2024, 04:10

Type Values Removed Values Added
References () https://community.ivanti.com/docs/DOC-65656 - Permissions Required () https://community.ivanti.com/docs/DOC-65656 - Permissions Required

Information

Published : 2018-02-15 23:29

Updated : 2024-11-21 04:10


NVD link : CVE-2018-6316

Mitre link : CVE-2018-6316

CVE.ORG link : CVE-2018-6316


JSON object : View

Products Affected

ivanti

  • endpoint_security
CWE
CWE-863

Incorrect Authorization