Description
The Ivanti Connect Secure and Ivanti Policy Secure have an authentication bypass vulnerability. An attacker can bypass the authentication with a specially crafted HTTP request and get administrative access to the system.
Remediation
Upgrade to the latest version of Ivanti Connect Secure / Policy Secure
References
Related Vulnerabilities
MySQL CVE-2015-4771 Vulnerability (CVE-2015-4771)
MySQL CVE-2022-21264 Vulnerability (CVE-2022-21264)
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)
Jenkins Other Vulnerability (CVE-2022-2048)
Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528)