CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.2%
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
Vendor | Product | Version | CPE |
---|---|---|---|
ivanti | virtual_traffic_management | 22.2 | cpe:2.3:a:ivanti:virtual_traffic_management:22.2:*:*:*:*:*:*:* |
ivanti | virtual_traffic_management | 22.3 | cpe:2.3:a:ivanti:virtual_traffic_management:22.3:-:*:*:*:*:*:* |
ivanti | virtual_traffic_management | 22.3 | cpe:2.3:a:ivanti:virtual_traffic_management:22.3:r2:*:*:*:*:*:* |
ivanti | virtual_traffic_management | 22.5 | cpe:2.3:a:ivanti:virtual_traffic_management:22.5:r1:*:*:*:*:*:* |
ivanti | virtual_traffic_management | 22.6 | cpe:2.3:a:ivanti:virtual_traffic_management:22.6:r1:*:*:*:*:*:* |
ivanti | virtual_traffic_management | 22.7 | cpe:2.3:a:ivanti:virtual_traffic_management:22.7:r1:*:*:*:*:*:* |