Ivanti has released a patch to an actively exploited API Authentication Bypass vulnerability. CVE-2023-38035 has been given a high severity rating with a CVSS score of 9.8. The vulnerability may allow an unauthenticated actor to access sensitive APIs configuring the Ivanti Sentry on the administrator portal. Ivanti has mentioned in the advisory that they are … Continue reading “Ivanti Sentry Zero-day Vulnerability being Exploited in the wild (CVE-2023-38035)”