HIGH🇬🇧 English

CVE-2022-35258

CVSS 7.5v3.1pub. 2022-12-05upd. 2024-11-21

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Ivanti Connect Secure

    APP
    Ivanti
    21.1221.922.122.29.1< 9.1
  • Ivanti Neurons For Zero Trust Access

    APP
    Ivanti
    22.2
  • Ivanti Policy Secure

    APP
    Ivanti
    22.122.29.1< 9.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2025-22457CRITICAL9.0⚠ KEVPL ✓ten sam produkt

Stack-based buffer overflow w Ivanti Connect Secure, Policy Secure i ZTA Gateways umożliwiający RCE

CVE-2025-0282CRITICAL9.0⚠ KEVPL ✓ten sam produkt

Stack-based buffer overflow RCE w Ivanti Connect Secure, Policy Secure i Neurons for ZTA

CVE-2024-21887CRITICAL9.1⚠ KEVPL ✓ten sam produkt

Command injection w Ivanti Connect Secure i Policy Secure — RCE jako administrator

CVE-2021-22893CRITICAL10.0⚠ KEVten sam produkt

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by...

CVE-2019-11510CRITICAL10.0⚠ KEVten sam produkt

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an...