Ivanti Incapptic Connect
By the Year
In 2024 there have been 0 vulnerabilities in Ivanti Incapptic Connect . Incapptic Connect did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 3 | 6.93 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Incapptic Connect vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ivanti Incapptic Connect Security Vulnerabilities
An authenticated high privileged user
CVE-2022-22571
4.8 - Medium
- April 11, 2022
An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions.
XSS
A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality
CVE-2022-22572
8.8 - High
- April 11, 2022
A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.
A user with high privilege access to the Incapptic Connect web console
CVE-2022-21828
7.2 - High
- March 04, 2022
A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Ivanti Incapptic Connect or by Ivanti? Click the Watch button to subscribe.
