CVE-2024-21893 - Ivanti Connect Secure and Policy Secure: Server-Side Request Forgery (SSRF) Vulnerability in SAML Component
A newly discovered vulnerability, tracked as CVE-2024-21893, affects Ivanti Connect Secure and Policy Secure software. Specifically, this vulnerability allows an attacker to perform a server-side
CVE-2024-21887 - An In-Depth Look at the Command Injection Vulnerability in Ivanti Connect Secure and Ivanti Policy Secure Web Components
Recently, a command injection vulnerability has been discovered in the web components of Ivanti Connect Secure (versions 9.x and 22.x) and Ivanti Policy
CVE-2023-46805: Authentication Bypass Vulnerability in Ivanti ICS 9.x, 22.x and Ivanti Policy Secure
A critical security vulnerability, tracked as CVE-2023-46805, has been discovered in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure.
CVE-2023-38344: File Disclosure Vulnerability in Ivanti Endpoint Manager Allows Reading of Arbitrary Files by an Authenticated Attacker
A recently discovered vulnerability (CVE-2023-38344) affects Ivanti Endpoint Manager versions before 2022 SU4. This vulnerability allows authenticated attackers to read arbitrary files from a remote
CVE-2023-38035: Insufficiently Restrictive Apache HTTPD Configuration in MICS Admin Portal of Ivanti MobileIron Sentry May Allow Attackers to Bypass Authentication Controls
A recently discovered security vulnerability (CVE-2023-38035) has been found to affect the MICS (MobileIron Core Server) Admin Portal in Ivanti MobileIron Sentry in versions 9.
Episode
00:00:00
00:00:00