Search
Appgate SDP
Appgate SDP Overview
Learn how Appgate SDP reduces risk and complexity, and why it's the industry's most comprehensive Zero Trust network access solution.
How Appgate SDP Works
Find out about the inner-workings of the most flexible and adaptable Zero Trust Network Access solution available today.
Integrations and Tech Partners
Explore security, IT and business-system integrations that can enhance and help you adapt Appgate SDP to your existing workflows
Appgate SDP for Developers
Access developer tools and resources to maximize the value of your Appgate SDP deployment.
Use Cases for Securing:
Remote Access Hybrid Enterprise Cloud Access
Risk-Based Authentication
Overview
Learn how Risk-Based Authentication provides a frictionless, intelligent and data-informed approach to user authentication.
Strong Authentication
Find out how you can provide secure, frictionless access with the right multi-factor authentication method.
Transaction Monitoring
Explore the tools you can use to intelligently identify and prevent online fraud.
Behavioral Biometrics Service
Learn how behavioral analysis and machine learning stop fraudulent online web activity in real-time.
Secure Consumer Access for:
Consumer Protection Fraud Protection Phishing Protection Risk Orchestration Mobile Protection
Digital Threat Protection
Overview
Discover how you can gain unparalleled threat visibility and the risk management tools that enable early identification and elimination of potential attacks.
Key Features
Take a deep dive into the features and tools contained within our industry-leading Digital Threat Protection (DTP) solution.

Appgate SDP Security Advisories

If you believe you have identified a security concern with Appgate SDP please contact appgate-security@appgate.com

TitleIDSeverityProducts AffectedFirst PublishedLast Published
Privilege Escalation on Appgate SDP Scripting EnginePDF2022-08-0001Medium (CVSS 6.4)Appgate SDP Controller and Gateway versions prior to 5.5.8 and 6.0.12022-08-252022-08-25
Multi-Condition Bypass due to Firewall Rule OverridePDF2022-08-0002Medium (CVSS 4.5)Appgate SDP Gateway versions prior to 5.5.8 and 6.0.12022-08-252022-08-25
Host Header Poisoning in Management InterfacePDF2022-08-0003Medium (CVSS 4.3)Appgate SDP Controllers versions prior to 5.5.8 and 6.0.12022-08-252022-08-25
Privilege Escalation on Appgate SDP Client for WindowsPDF2022-07-0002High (CVSS 7.8)Appgate SDP Full Clients for Windows versions prior to 6.0.12022-07-292022-07-29
Reflected Cross Site Scripting with PortalPDF2022-07-0001High (CVSS 7.4)Appgate SDP Portal versions prior to 5.5.7, and 6.0.2022-07-062022-07-06
Controller impersonation using a compromised appliancePDF 2022-06-0001Medium (CVSS 5.3)Any appliance with appliance certificates generated by SDP Controllers from versions 5.4 to version 5.5.6.2022-06-212022-06-21
Log4j 2 VulnerabilityPDF 2021-12-0001MinorAppgate SDP LogServer versions up to and including 5.5.12021-12-132022-01-05
Scripting Engine Sandbox BypassPDF 2021-11-0001Medium (CVSS 6.6)Appgate SDP Controller and Gateway versions prior to 5.5.12021-12-072021-12-07
Privilege Escalation on Appgate SDP Clients for LinuxPDF 2021-06-0001High (CVSS 7.5)Appgate SDP Client for Linux versions prior to 5.4.22021-06-142021-06-14
Security Fix and Cumulative Improvements for Appgate SDP Clients for WindowsPDF2021-04-0002Medium (CVSS 5.5)Appgate SDP full Clients for Windows versions prior to 5.4.02021-04-272021-04-27
Information Disclosure from Appgate SDP ControllersPDF2021-04-0001High (CVSS 8.5)Appgate SDP Controller versions prior to 5.3.3 (except 5.2.4)2021-04-152021-04-23
Cumulative Security Fixes and Improvements for Appgate SDP Clients PDF2021-01-0001Medium (CVSS 5.5)Appgate SDP Client versions prior to 5.3.22021-01-222021-04-16
Default Time-Based OTP Provider Bypass PDF2020-11-0001Medium (CVSS 6.8)Appgate SDP Controller versions prior to 5.3.1 2020-11-302020-12-07
Privilege Escalation on Appgate SDP Client for Windows PDF2020-04-0001High (CVSS 7.8)Appgate SDP full Clients for Windows versions prior to 5.1.12020-05-012020-05-01
Remote code execution on management interface PDFPDF2020-04-0002High (CVSS 7.5)Appgate SDP Controller versions 4.1.0 through 5.0.3, 5.1.0 and 5.1.12020-05-012020-05-01
Scripting Engine Sandbox BypassPDF2019-11-0001High (CVSS 7.2)Appgate SDP Appliances before v5.0.22019-11-182019-11-18
Remote Privilege Escalation on Windows ClientPDF2019-07-0001High (CVSS 8.0)Appgate SDP Client for Windows from v4.1.0 to v4.3.12019-07-09 2019-07-09
Controller Impersonation during Appliance CommunicationPDF2018-12-0001Low (CVSS 3.3)Appgate SDP Appliances before v4.1.72018-12-032018-12-03
Privilege Escalation on Windows ClientPDF2018-11-0001LowAppgate SDP Client for Windows from v4.1.0 to v4.1.22018-11-222018-11-22
TCP Stack vulnerability: SegmentSmackPDF2018-08-0001LowAppgate SDP before v4.1.22018-08-092018-08-09
Information Disclosure on Management InterfacePDF2018-07-0001LowAppgate SDP from v4.0.0 to v4.0.32018-07-122018-07-12
SAML Authentication BypassPDF2018-03-0001LowAppgate SDP before v3.3.32018-03-122018-03-12
CPU vulnerability: Meltdown and SpectrePDF2018-01-001LowAppgate SDP before v3.3.3 AppGate Classic all versions2018-01-082018-01-08
Shell access and information disclosurePDF2017-06-0001MediumAppgate Classic before v11.2.72017-06-082017-06-08
Information Disclosure on Management InterfacePDF2017-05-0001HighAppgate SDP Controller before v3.1.2 2017-05-182018-07-12

Appgate Security Advisories and other Appgate security content are provided on an "as is" basis and do not imply any kind of guarantee or warranty. Your use of the information in these publications or linked material is at your own risk. Appgate reserves the right to change or update this content without notice at any time.