CVE-2023-38043

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-400
View all →

Vulnerability Description

A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full compromise of the system.

Related Vulnerabilities

CVE-2017-15595

HIGH
CVSS:8.8(High)

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via ...

CWE-4002017

CVE-2020-15565

HIGH
CVSS:8.8(High)

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-...

CWE-4002020

CVE-2020-19726

HIGH
CVSS:8.8(High)

An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.

CWE-4002020

CVE-2021-22964

HIGH
CVSS:8.8(High)

A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed by...

CWE-4002021

CVE-2021-4440

HIGH
CVSS:8.8(High)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGS_SYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGS_SYSRET64 is used to ret...

CWE-4002021

CVE-2022-28639

HIGH
CVSS:8.8(High)

A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability ...

CWE-4002022