Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
文件名或路径的外部可控制
Vulnerability Title
Ivanti Connect Secure和Ivanti Policy Secure 安全漏洞
Vulnerability Description
Ivanti Connect Secure(ICS)和Ivanti Policy Secure(IPS)都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure是一个网络访问控制 (NAC) 解决方案。 Ivanti Connect Secure 22.7R2.6版本之前和Ivanti Policy Secure 22.7R1.3版本之前存在安全漏洞,该漏洞源于包含一个文件名的外部控制问题。
CVSS Information
N/A
Vulnerability Type
N/A