Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Connect Secure

Source -

CNA

CNA CVEs -

53

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
53Vulnerabilities found
CVE-2023-39340
Assigner-HackerOne
ShareView Details
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.41%
||
7 Day CHG~0.00%
Published-16 Dec, 2023 | 01:49
Updated-27 Nov, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
CVE-2023-41719
Assigner-HackerOne
ShareView Details
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-3.15% / 86.36%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 01:56
Updated-02 Aug, 2024 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker impersonating an administrator may craft a specific web request which may lead to remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
CVE-2023-41720
Assigner-HackerOne
ShareView Details
Assigner-HackerOne
CVSS Score-7||HIGH
EPSS-0.12% / 32.49%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 01:56
Updated-02 Aug, 2024 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker with a foothold on an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the attacker to gain elevated execution privileges on the affected system.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
  • Previous
  • 1
  • 2
  • Next