8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
7.5 High
AI Score
Confidence
Low
0.959 High
EPSS
Percentile
99.5%
The Ivanti Connect Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by an authentication bypass vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) which allows a remote attacker to access restricted resources by bypassing control checks.
Binary data ivanti_cs_CVE-2023-46805.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
pulsesecure | pulse_connect_secure | cpe:/a:pulsesecure:pulse_connect_secure |
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
7.5 High
AI Score
Confidence
Low
0.959 High
EPSS
Percentile
99.5%