Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Secure_access_client | Ivanti | * | 22.7 (excluding) |
Secure_access_client | Ivanti | 22.7 (including) | 22.7 (including) |
Secure_access_client | Ivanti | 22.7-r1 (including) | 22.7-r1 (including) |
Secure_access_client | Ivanti | 22.7-r1.1 (including) | 22.7-r1.1 (including) |
Secure_access_client | Ivanti | 22.7-r2 (including) | 22.7-r2 (including) |
Secure_access_client | Ivanti | 22.7-r3 (including) | 22.7-r3 (including) |