Ivanti Incapptic Connect

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:ivanti_incapptic_connect:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductIvanti Incapptic Connect (5677c6ed-dbee-50b2-b75a-0d0157d937db)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-22572 vulnerable 2026-06-08 05:40:54.702406 Details available
A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.
Published: 2022-04-11T19:38:13.000Z
Updated: 2024-08-03T03:14:55.850Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-22571 vulnerable 2026-06-08 05:40:54.701123 Details available
An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions.
Published: 2022-04-11T19:38:12.000Z
Updated: 2024-08-03T03:14:55.701Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-21828 vulnerable 2026-06-08 05:40:02.524507 Details available
A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.
Published: 2022-03-04T16:15:00.000Z
Updated: 2024-08-03T02:53:36.277Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.