Lucene search
+L

224 matches found

Ivanti
Ivanti
added 2025/05/13 2:4 p.m.12 views

Security Advisory Ivanti Neurons for ITSM (On-Premises Only) (CVE-2025-22462)

Security Advisory Ivanti Neurons for ITSM on-premises only CVE-2025-22462 Summary Ivanti has released updates for Ivanti Neurons for ITSM on-prem only which addresses one critical severity vulnerability. Depending on system configuration, successful exploitation could allow an unauthenticated...

9.8CVSS10AI score0.01871EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Ivanti Neurons for ITSM 安全漏洞

Ivanti Neurons for ITSM is an automation platform for IT service management, based on artificial intelligence and machine learning technologies, designed to optimize the IT service delivery process and enhance user experience. An authentication bypass vulnerability exists in Ivanti Neurons for...

9.8CVSS7.2AI score0.01871EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:58 a.m.10 views

CVE-2024-7570

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user...

8.3CVSS6.5AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:55 a.m.12 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.8CVSS6.1AI score0.01639EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:42 p.m.8 views

CVE-2024-22060

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server...

8.7CVSS6.8AI score0.01116EPSS
Exploits0References1
NVD
NVD
added 2024/11/27 7:15 p.m.28 views

CVE-2024-53855

Centurion ERP Enterprise Rescource Planning is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management ITSM modules. A user who is authenticated and has view permissions for a ticket, can view the tickets of another organization they...

4.3CVSS0.00432EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.8 views

The vulnerability of the OIDC protocol implementation in the IT service management tool Ivanti Neurons for ITSM allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the OpenID Connect OIDC implementation of the IT service management tool Ivanti Neurons for ITSM is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

10CVSS7.7AI score0.01639EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.8 views

The vulnerability of the OIDC protocol implementation in the IT service management tool Ivanti Neurons for ITSM allows a attacker to execute a type of “man-in-the-middle” attack.

The vulnerability of the OpenID Connect OIDC implementation in the IT service management tool Ivanti Neurons for ITSM is related to improper verification of certificates. Exploiting this vulnerability could allow a malicious actor to execute a “man-in-the-middle” attack...

8.3CVSS8AI score0.00542EPSS
Exploits0References4Affected Software1
Qualys Blog
Qualys Blog
added 2024/10/29 2:29 p.m.18 views

Qualys VMDR & Core Apps Revamped: Ultimate Cyber Defense Partnership for Streamlined Vulnerability Management with ITSM

Introducing the Revamped VMDR & Core Apps Qualys has the dynamic duo of ServiceNow Apps – The Qualys Core App and Qualys VMDR App – that help you close the gap between IT and Security teams, making vulnerability management and ticketing workflows seamless and eliminating manual spreadsheet-based...

7.1AI score
Exploits0
Akamai Blog
Akamai Blog
added 2024/10/08 1:0 p.m.17 views

How to Use ITSM, SIEM, and SOAR to Remediate API Attacks

...

7.3AI score
Exploits0
NVD
NVD
added 2024/08/13 7:15 p.m.27 views

CVE-2024-7570

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user...

8.3CVSS0.01639EPSS
Exploits0References1
OSV
OSV
added 2024/08/13 7:15 p.m.5 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.8CVSS7.3AI score0.01639EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 7:15 p.m.21 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.8CVSS0.01639EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/13 6:12 p.m.11 views

CVE-2024-7570

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user...

8.3CVSS7.1AI score0.01639EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 6:12 p.m.52 views

CVE-2024-7570

CVE-2024-7570 affects Ivanti ITSM on-prem and Neurons for ITSM (versions 2023.4 and earlier). The root cause is improper certificate validation, enabling a remote attacker in a network-positioned MITM to craft a token that grants access to ITSM as any user. The vulnerability is rated HIGH on both...

8.3CVSS7.1AI score0.01639EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/13 6:12 p.m.37 views

CVE-2024-7570

Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user...

8.3CVSS0.00542EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 6:10 p.m.50 views

CVE-2024-7569

CVE-2024-7569 : Ivanti ITSM on-prem and Neurons for ITSM (versions 2023.4 and earlier) contain an information-disclosure flaw that allows an unauthenticated attacker to retrieve the OIDC client secret via debug information. Public sources consistently describe impact as high confidentiality risk ...

9.8CVSS6.6AI score0.01639EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/13 6:10 p.m.14 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.6CVSS6.6AI score0.01639EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 6:10 p.m.33 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.6CVSS0.01639EPSS
Exploits0References1
Ivanti
Ivanti
added 2024/08/13 2:0 p.m.15 views

Security Advisory: Ivanti Neurons for ITSM (CVE-2024-7569, CVE-2024-7570)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses a critical severity vulnerability and a high severity vulnerability. Please note: the patch has been applied to all Ivanti Neurons for ITSM Cloud landscapes as of August 4. No further action is needed for cloud customers, we...

9.8CVSS6.8AI score0.01639EPSS
Exploits0
Rows per page
Query Builder