Ivanti released its December 2024 security advisory to address nine critical and high severity vulnerabilities in its products, such as Ivanti Connect Secure, Policy Secure, Cloud Services Application, and Sentry. Five of these nine vulnerabilities are rated as critical. Ivanti mentioned in the advisory that there was no prior knowledge of any customers being exploited … Continue reading “Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Connect Secure, Policy Secure, Cloud Services Application, and Sentry”
Tag: Ivanti Sentry
Ivanti Sentry Zero-day Vulnerability being Exploited in the wild (CVE-2023-38035)
Ivanti has released a patch to an actively exploited API Authentication Bypass vulnerability. CVE-2023-38035 has been given a high severity rating with a CVSS score of 9.8. The vulnerability may allow an unauthenticated actor to access sensitive APIs configuring the Ivanti Sentry on the administrator portal. Ivanti has mentioned in the advisory that they are … Continue reading “Ivanti Sentry Zero-day Vulnerability being Exploited in the wild (CVE-2023-38035)”
