PT-2022-22663 · Ivanti · Ivanti Policy Secure+2
Published
2022-12-05
·
Updated
2024-02-27
·
CVE-2022-35258
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Ivanti Connect Secure (ICS) versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4
Ivanti Policy Secure (IPS) versions prior to 9.1R17 and 22.3R1
Ivanti Neurons for Zero-Trust Access versions prior to 22.3R1
Description
An unauthenticated attacker can cause a denial-of-service. The issue affects multiple Ivanti products.
Recommendations
For Ivanti Connect Secure (ICS) versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, update to version 9.1R14.3, 9.1R15.2, 9.1R16.2, or 22.2R4 or later.
For Ivanti Policy Secure (IPS) versions prior to 9.1R17 and 22.3R1, update to version 9.1R17 or 22.3R1 or later.
For Ivanti Neurons for Zero-Trust Access versions prior to 22.3R1, update to version 22.3R1 or later.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ivanti Connect Secure
Ivanti Neurons For Zero-Trust Access
Ivanti Policy Secure