CVE-2023-41724 - CERT CVE
ID CVE-2023-41724
Sažetak A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.
Reference
CVSS
Base: 9.6
Impact: 6.0
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Zadnje važnije ažuriranje 01-08-2024 - 13:44
Objavljeno 31-03-2024 - 02:15