CVE-2022-21828

A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.
References
Link Resource
https://forums.ivanti.com/s/article/SA-2022-02-23?language=en_US Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:ivanti:incapptic_connect:1.40.0:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.39.1:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.39.0:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.38.1:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.38.0:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.37.1:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.37.0:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.36.0:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.35.5:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.35.4:*:*:*:*:*:*:*
cpe:2.3:a:ivanti:incapptic_connect:1.35.3:*:*:*:*:*:*:*

Information

Published : 2022-03-04 05:15

Updated : 2022-03-21 04:21


NVD link : CVE-2022-21828

Mitre link : CVE-2022-21828

Products Affected
No products.