Ivanti Addressed A New Zero-Day Flaw in Ivanti Sentry
Ivanti Addressed A New Zero-Day Flaw in Ivanti Sentry
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
The zero-day vulnerability (CVE-2023-38035) in Ivanti Sentry (versions 9.18 and earlier) allows unauthenticated access to sensitive APIs via port 8443, posing a risk of configuration manipulation and system compromise. Apply specific RPM scripts and restrict external access for mitigation
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.