Exploit for #VU85961 Permissions, Privileges, and Access Controls in Ivanti Connect Secure (formerly Pulse Connect Secure) and Ivanti Policy Secure (formerly Pulse Policy Secure)
Vulnerability identifier: #VU85961
Vulnerability risk: Medium
CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Network
Exploits in database: 1
- April 5, 2024
- Ivanti-Connect-Around-Scan [Github]
Impact: Information disclosure and data manipulation
Vulnerable software:
Ivanti Connect Secure (formerly Pulse Connect Secure)
Server applications /
Remote access servers, VPN
Ivanti Policy Secure (formerly Pulse Policy Secure)
Server applications /
Remote access servers, VPN
Vendor: Ivanti
