PT-2026-32647 · Ivanti · Ivanti Itsm
Published
2026-04-14
·
Updated
2026-04-19
·
CVE-2026-4913
CVSS v3.1
5.7
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Ivanti N-ITSM versions prior to 2025.4
Description
Improper protection of an alternate path allows a remote authenticated attacker to retain access to the system even after their account has been disabled.
Recommendations
Update to version 2025.4 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ivanti Itsm