Ivanti Landesk Management Suite 10.0.1.168 Remote Code Execution Vulnerability

Summary

Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution.

Credit:

The information has been provided by Ivanti

The original article can be found at: https://www.gnzlabs.io/gnzlabs-blog/landesk-management-server-open-directories/


Details

Ivanti Landesk Management Suite is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

Vulnerable Systems:

  • Ivanti Landesk Management Suite 10.0.1.168

CVE Information:

CVE-2019-12375

Disclosure Timeline:
Publish Date:06/03/2019

Categories: News