Search
Appgate SDP

Appgate SDP Overview

Learn how the industry’s most comprehensive universal ZTNA solution strengthens security and transforms your network with the flexibility, extensibility and integration advantages of direct-routed architecture.

How Appgate SDP Works

Find out about the inner-workings of the most flexible and adaptable Zero Trust Network Access solution available today.

Zero Trust Platform
Integrations and Tech Partners
Appgate SDP for Developers
Use Cases for Securing:
Remote Access Hybrid Enterprise Cloud Access
Risk-Based Authentication
Overview
Learn how Risk-Based Authentication provides a frictionless, intelligent and data-informed approach to user authentication.
Strong Authentication
Find out how you can provide secure, frictionless access with the right multi-factor authentication method.
Transaction Monitoring
Explore the tools you can use to intelligently identify and prevent online fraud.
Behavioral Biometrics Service
Learn how behavioral analysis and machine learning stop fraudulent online web activity in real-time.
Secure Consumer Access for:
Consumer Protection Fraud Protection Phishing Protection Mobile Protection
Digital Threat Protection
Overview
Discover how you can gain unparalleled threat visibility and the risk management tools that enable early identification and elimination of potential attacks.
Key Features
Take a deep dive into the features and tools contained within our industry-leading Digital Threat Protection (DTP) solution.

Appgate SDP Security Advisories

If you believe you have identified a security concern with Appgate SDP please contact appgate-security@appgate.com

TitleIDSeverityProducts AffectedFirst PublishedLast Published
Malformed IPv4 Packet DoS VulnerabilityPDF2023-10-0001Medium (CVSS 5.7)All supported Appgate SDP Gateway versions2023-10-302023-10-23
Token Revocation Delay VulnerabilityPDF2023-08-0001High (CVSS 7.8)Appgate SDP Controller versions 6.2.0 and 6.2.12023-08-032023-08-03
Privilege Escalation on Appgate SDP Scripting EnginePDF2023-05-0001High (CVSS 7.2)Appgate SDP Controller and Gateway versions prior to 6.1.32023-05-152023-05-15
Cumulative Security Fixes for Privilege Escalations on Appgate SDP ClientsPDF 2023-02-0001High (CVSS 7.8)Appgate SDP Clients for Windows and macOS versions prior to 6.1.22023-02-012023-02-01
Sensitive File Disclosure on ControllersPDF 2022-12-0001Medium (CVSS 5.7)Appgate SDP Controllers versions prior 6.0.42022-12-062022-12-06
Insufficient Logging on Controllers and GatewaysPDF2022-11-0001Medium (CVSS 4.3)Appgate SDP Controllers and Gateways versions prior 6.0.32022-11-032022-12-05
Privilege Escalation on Appgate SDP Scripting EnginePDF2022-08-0001Medium (CVSS 6.4)Appgate SDP Controller and Gateway versions prior to 5.5.8 and 6.0.12022-08-252022-08-25
Multi-Condition Bypass due to Firewall Rule OverridePDF2022-08-0002Medium (CVSS 4.5)Appgate SDP Gateway versions prior to 5.5.8 and 6.0.12022-08-252022-08-25
Host Header Poisoning in Management InterfacePDF2022-08-0003Medium (CVSS 4.3)Appgate SDP Controllers versions prior to 5.5.8 and 6.0.12022-08-252022-08-25
Privilege Escalation on Appgate SDP Client for WindowsPDF2022-07-0002High (CVSS 7.8)Appgate SDP Full Clients for Windows versions prior to 6.0.12022-07-292022-07-29
Reflected Cross Site Scripting with PortalPDF2022-07-0001High (CVSS 7.4)Appgate SDP Portal versions prior to 5.5.7, and 6.0.2022-07-062022-07-06
Controller impersonation using a compromised appliancePDF 2022-06-0001Medium (CVSS 5.3)Any appliance with appliance certificates generated by SDP Controllers from versions 5.4 to version 5.5.6.2022-06-212022-06-21
Log4j 2 VulnerabilityPDF 2021-12-0001MinorAppgate SDP LogServer versions up to and including 5.5.12021-12-132022-01-05
Scripting Engine Sandbox BypassPDF 2021-11-0001Medium (CVSS 6.6)Appgate SDP Controller and Gateway versions prior to 5.5.12021-12-072021-12-07
Privilege Escalation on Appgate SDP Clients for LinuxPDF 2021-06-0001High (CVSS 7.5)Appgate SDP Client for Linux versions prior to 5.4.22021-06-142021-06-14

Security Advisories relating to older unsupported versions

NameLink
Information Disclosure on Management InterfacePDF
Shell access and information disclosurePDF
CPU vulnerability: Meltdown and SpectrePDF
SAML Authentication BypassPDF
Information Disclosure on Management InterfacePDF
TCP Stack vulnerability: SegmentSmackPDF
Privilege Escalation on Windows ClientPDF
Controller Impersonation during Appliance CommunicationPDF
Remote Privilege Escalation on Windows ClientPDF
Scripting Engine Sandbox BypassPDF
Remote code execution on management interface PDFPDF
Privilege Escalation on Appgate SDP Client for Windows PDF
Default Time-Based OTP Provider Bypass PDF
Cumulative Security Fixes and Improvements for Appgate SDP Clients PDF
Security Fix and Cumulative Improvements for Appgate SDP Clients for WindowsPDF
Information Disclosure from Appgate SDP ControllersPDF

Appgate Security Advisories and other Appgate security content are provided on an "as is" basis and do not imply any kind of guarantee or warranty. Your use of the information in these publications or linked material is at your own risk. Appgate reserves the right to change or update this content without notice at any time.