#policysecure — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #policysecure, aggregated by home.social.
-
Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways – Source:hackread.com https://ciso2ciso.com/ivanti-urges-patch-for-flaws-in-connect-secure-policy-secure-and-zta-gateways-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #ConnectSecure #cybersecurity #Vulnerability #PolicySecure #ZTAGateways #Hackread #security #Ivanti
-
Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways https://hackread.com/ivanti-patch-flaws-connect-secure-policy-secure-zta-gateways/ #ConnectSecure #Cybersecurity #Vulnerability #PolicySecure #ZTAGateways #Security #Ivanti
-
I want to get off Mr. Ivanti's wild ride: security advisory for Ivanti Connect Secure and Ivanti Policy Secure: 🔗 https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways and blog post: https://www.ivanti.com/blog/security-update-for-ivanti-connect-secure-and-policy-secure
- CVE-2024-21894 (8.2 high) heap overflow leads to Denial of Service (DoS), and sometimes arbitrary code execution
- CVE-2024-22052 (7.5 high) null pointer dereference causes DoS
- CVE-2024-22053 (8.2 high) heap overflow leads to DoS or information disclosure
- CVE-2024-22023 (5.3 medium) XML entity expansion (XEE) causes a limited-time DoS
We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.
#Ivanti #ConnectSecure #PolicySecure #vulnerability #CVE_2024_21894 #CVE_2024_22052 #CVE_2024_22053 #CVE_2024_22023