First published: Wed Jan 10 2024(Updated: )
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Credit: support@hackerone.com support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ivanti Connect Secure | =9.0 | |
Ivanti Connect Secure | =9.1-r1 | |
Ivanti Connect Secure | =9.1-r10 | |
Ivanti Connect Secure | =9.1-r11 | |
Ivanti Connect Secure | =9.1-r11.3 | |
Ivanti Connect Secure | =9.1-r11.4 | |
Ivanti Connect Secure | =9.1-r11.5 | |
Ivanti Connect Secure | =9.1-r12 | |
Ivanti Connect Secure | =9.1-r12.1 | |
Ivanti Connect Secure | =9.1-r13 | |
Ivanti Connect Secure | =9.1-r13.1 | |
Ivanti Connect Secure | =9.1-r14 | |
Ivanti Connect Secure | =9.1-r15 | |
Ivanti Connect Secure | =9.1-r15.2 | |
Ivanti Connect Secure | =9.1-r16 | |
Ivanti Connect Secure | =9.1-r16.1 | |
Ivanti Connect Secure | =9.1-r17 | |
Ivanti Connect Secure | =9.1-r17.1 | |
Ivanti Connect Secure | =9.1-r18 | |
Ivanti Connect Secure | =9.1-r2 | |
Ivanti Connect Secure | =9.1-r3 | |
Ivanti Connect Secure | =9.1-r4 | |
Ivanti Connect Secure | =9.1-r4.1 | |
Ivanti Connect Secure | =9.1-r4.2 | |
Ivanti Connect Secure | =9.1-r4.3 | |
Ivanti Connect Secure | =9.1-r5 | |
Ivanti Connect Secure | =9.1-r6 | |
Ivanti Connect Secure | =9.1-r7 | |
Ivanti Connect Secure | =9.1-r8 | |
Ivanti Connect Secure | =9.1-r8.1 | |
Ivanti Connect Secure | =9.1-r8.2 | |
Ivanti Connect Secure | =9.1-r9 | |
Ivanti Connect Secure | =9.1-r9.1 | |
Ivanti Connect Secure | =22.1-r1 | |
Ivanti Connect Secure | =22.1-r6 | |
Ivanti Connect Secure | =22.2 | |
Ivanti Connect Secure | =22.2-r1 | |
Ivanti Connect Secure | =22.3-r1 | |
Ivanti Connect Secure | =22.4-r1 | |
Ivanti Connect Secure | =22.4-r2.1 | |
Ivanti Connect Secure | =22.5-r2.1 | |
Ivanti Connect Secure | =22.6 | |
Ivanti Connect Secure | =22.6-r1 | |
Ivanti Connect Secure | =22.6-r2 | |
Ivanti Policy Secure | =9.0 | |
Ivanti Policy Secure | =9.1-r1 | |
Ivanti Policy Secure | =9.1-r10 | |
Ivanti Policy Secure | =9.1-r11 | |
Ivanti Policy Secure | =9.1-r12 | |
Ivanti Policy Secure | =9.1-r13 | |
Ivanti Policy Secure | =9.1-r13.1 | |
Ivanti Policy Secure | =9.1-r14 | |
Ivanti Policy Secure | =9.1-r15 | |
Ivanti Policy Secure | =9.1-r16 | |
Ivanti Policy Secure | =9.1-r17 | |
Ivanti Policy Secure | =9.1-r18 | |
Ivanti Policy Secure | =9.1-r2 | |
Ivanti Policy Secure | =9.1-r3 | |
Ivanti Policy Secure | =9.1-r3.1 | |
Ivanti Policy Secure | =9.1-r4 | |
Ivanti Policy Secure | =9.1-r4.1 | |
Ivanti Policy Secure | =9.1-r4.2 | |
Ivanti Policy Secure | =9.1-r5 | |
Ivanti Policy Secure | =9.1-r6 | |
Ivanti Policy Secure | =9.1-r7 | |
Ivanti Policy Secure | =9.1-r8 | |
Ivanti Policy Secure | =9.1-r8.1 | |
Ivanti Policy Secure | =9.1-r8.2 | |
Ivanti Policy Secure | =9.1-r9 | |
Ivanti Policy Secure | =22.1-r1 | |
Ivanti Policy Secure | =22.1-r6 | |
Ivanti Policy Secure | =22.2-r1 | |
Ivanti Policy Secure | =22.2-r3 | |
Ivanti Policy Secure | =22.3-r1 | |
Ivanti Policy Secure | =22.3-r3 | |
Ivanti Policy Secure | =22.4-r1 | |
Ivanti Policy Secure | =22.4-r2 | |
Ivanti Policy Secure | =22.4-r2.1 | |
Ivanti Policy Secure | =22.5-r1 | |
Ivanti Policy Secure | =22.5-r2.1 | |
Ivanti Policy Secure | =22.6-r1 | |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)