vulnerability

Pulse Secure Pulse Connect Secure: CVE-2023-46805: Authentication Bypass

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:N/C:C/I:P/A:N)	Jan 10, 2023	Jan 15, 2023	Feb 13, 2023

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:P/A:N)

Published

Jan 10, 2023

Added

Jan 15, 2023

Modified

Feb 13, 2023

Description

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

Solution

pulse-pulse-secure-policy-cve-2023-46805-and-cve-2024-21887

References

CVE-2023-46805
https://attackerkb.com/topics/CVE-2023-46805
URL-https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today