4 matches found
The vulnerability of Ivanti Connect Secure (previously known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for Zero Trust Access (nZTA) – tools for authentication and access control – stems from incorrect restrictions on XML links to external objects. This allows attackers to gain unauthorized access to protected information.
The vulnerability of Ivanti Connect Secure previously Pulse Connect Secure and Ivanti Policy Secure, as well as the authentication and access control management tools Ivanti Neurons for Zero Trust Access nZTA, is related to an incorrect restriction on XML links to external objects. Exploiting thi...
CVE-2024-21893
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication...
CVE-2022-35258
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...
PT-2022-22663 · Ivanti · Ivanti Policy Secure +2
Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure ICS versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4 Ivanti Policy Secure IPS versions prior to 9.1R17 and 22.3R1 Ivanti Neurons for Zero-Trust Access versions prior to 22.3R1 Description: An unauthenticated...