Ivanti

🏢 Vendors Related 34
slug: ivanti

Explanation

IvantiはVPN・モバイルデバイス管理 (MDM)・エンドポイント管理等のエンタープライズ向け製品を提供しています。 2024年〜2026年にかけて、Ivanti製品の脆弱性が国家支援の攻撃グループに頻繁に悪用され、CISA KEV カタログ常連となっています。
📌 Example
CVE-2024-21887 + CVE-2023-46805 (Ivanti Connect Secure VPN): 2024年初頭に未認証RCEとして悪用され、世界中の企業VPNが侵害された。

🔖 Related tags

🛡 Vulnerabilities tagged with this 46

ID Title
CVE-2023-46805 KEV [KEV] Authentication Bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805)
CVE-2023-38035 KEV [KEV] Authorization Flaw in Ivanti sentry (CVE-2023-38035)
CVE-2023-35081 KEV [KEV] Path Traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081)
CVE-2023-35078 KEV [KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078)
CVE-2019-11510 KEV [KEV] Path Traversal in Ivanti pulse-connect-secure (CVE-2019-11510)
CVE-2019-11539 KEV [KEV] OS Command Injection in Ivanti pulse-connect-secure-and-pulse-policy-secure (CVE-2019-11539)
CVE-2021-22899 KEV [KEV] Command Injection in Ivanti pulse-connect-secure (CVE-2021-22899)
CVE-2020-8260 KEV [KEV] Unrestricted File Upload in Ivanti pulse-connect-secure (CVE-2020-8260)
CVE-2021-22894 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2021-22894)
CVE-2021-22900 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2021-22900)
CVE-2020-8243 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2020-8243)
CVE-2021-22893 KEV [KEV] Authentication Bypass in Ivanti pulse-connect-secure (CVE-2021-22893)
CVE-2020-15505 KEV [KEV] Vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505)
CVE-2017-11463 Vulnerability in ivanti (CVE-2017-11463)
CVE-2017-11455 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11455)
CVE-2016-3147 Buffer Overflow in dos (CVE-2016-3147)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →