cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-22572,https://securityvulnerability.io/vulnerability/CVE-2022-22572,Privilege Escalation Vulnerability in Incapptic Connect by Ivanti,"Incapptic Connect has a serious privilege escalation vulnerability that allows non-admin users with user management permissions to elevate their privileges to admin status through the password reset feature. This flaw poses significant security risks, as it could allow unauthorized users to gain control over critical functionalities. It is essential for all users of Incapptic Connect versions prior to 1.40.1 to apply security updates promptly to mitigate the risks associated with this vulnerability.",Ivanti,Ivanti Incapptic Connect,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-04-11T19:38:13.000Z,0
CVE-2022-22571,https://securityvulnerability.io/vulnerability/CVE-2022-22571,Stored XSS Vulnerability in Incapptic Connect by Ivanti,"An authenticated user with high privileges can exploit a stored XSS vulnerability in Incapptic Connect due to improper output encoding. This flaw allows an attacker to inject malicious scripts that could execute in the browser of other users who access compromised data. This vulnerability affects all current versions of the product, posing a risk to user data and application integrity.",Ivanti,Ivanti Incapptic Connect,4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-04-11T19:38:12.000Z,0
CVE-2022-21828,https://securityvulnerability.io/vulnerability/CVE-2022-21828,Remote Code Execution Vulnerability in Incapptic Connect by Ivanti,"A vulnerability in the Incapptic Connect web console allows users with high privilege access to execute arbitrary code on the server. The issue affects multiple versions of Incapptic Connect, potentially leading to unauthorized access or control over the affected system. Users and administrators are encouraged to take appropriate security measures and update to the latest versions to mitigate any risks associated with this vulnerability.",Ivanti,Ivanti Incapptic Connect,7.2,HIGH,0.0013899999903514981,false,,false,false,false,,,false,false,,2022-03-04T16:15:00.000Z,0