vulnerability

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs)

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:P/A:C)	2024-11-12	2025-02-12	2025-03-12

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:P/A:C)

Published

2024-11-12

Added

2025-02-12

Modified

2025-03-12

Description

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

pulse-secure-pulse-connect-secure-upgrade-22_7r4

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.