CVE-2022-27088

High

Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted service path allowing local users to launch processes with elevated privileges.

mitre·CWE-428·Published 2022-04-11

CVSS

7.8

EPSS

0.01

KEV

Exploits

cve.orgen

140 chars

Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted service path allowing local users to launch processes with elevated privileges.

NVDen

140 chars

Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted service path allowing local users to launch processes with elevated privileges.

Ivanti DSM Remote versiones anteriores a 6.3.1.1862 incluyéndola, es vulnerable a una ruta de servicio no citada que permite a usuarios locales lanzar procesos con altos privilegios

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H