A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Incapptic_connect | Ivanti | 1.35.3 (including) | 1.35.3 (including) |
Incapptic_connect | Ivanti | 1.35.4 (including) | 1.35.4 (including) |
Incapptic_connect | Ivanti | 1.35.5 (including) | 1.35.5 (including) |
Incapptic_connect | Ivanti | 1.36.0 (including) | 1.36.0 (including) |
Incapptic_connect | Ivanti | 1.37.0 (including) | 1.37.0 (including) |
Incapptic_connect | Ivanti | 1.37.1 (including) | 1.37.1 (including) |
Incapptic_connect | Ivanti | 1.38.0 (including) | 1.38.0 (including) |
Incapptic_connect | Ivanti | 1.38.1 (including) | 1.38.1 (including) |
Incapptic_connect | Ivanti | 1.39.0 (including) | 1.39.0 (including) |
Incapptic_connect | Ivanti | 1.39.1 (including) | 1.39.1 (including) |
Incapptic_connect | Ivanti | 1.40.0 (including) | 1.40.0 (including) |