PT-2026-40041 · Ivanti · Virtual Traffic Manager
Published
2026-05-12
·
Updated
2026-05-15
·
CVE-2026-8051
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Ivanti Virtual Traffic Manager versions prior to 22.9r4
Description
OS command injection allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Recommendations
Update to version 22.9r4 or later.
Fix
RCE
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Virtual Traffic Manager