CVE-2022-21828

CVE-2022-21828

Vendor N/A
Product Ivanti Incapptic Connect
Weakness CWE-502 · Unsafe deserialization
Published March 4, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.

Key dates

02Disclosure timeline

March 4, 2022 CVE published
August 3, 2024 Record updated