CVE-2020-11533

Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
ivantiworkspace_control
𝑥
< 10.4.30.0
𝑥
= Vulnerable software versions
References
https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector
https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector