Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
证书验证不恰当
Vulnerability Title
Ivanti ITSM 安全漏洞
Vulnerability Description
Ivanti ITSM是美国Ivanti公司的一个 IT 服务管理解决方案。 Ivanti ITSM 2023.4版本及之前版本存在安全漏洞,该漏洞源于证书验证不当。
CVSS Information
N/A
Vulnerability Type
N/A