Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Ivanti Connect Secure和Ivanti Policy Secure 代码问题漏洞
Vulnerability Description
Ivanti Connect Secure(ICS)和Ivanti Policy Secure(IPS)都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure是一个网络访问控制 (NAC) 解决方案。 Ivanti Connect Secure 22.7R2.8之前版本和Ivanti Policy Secure 22.7R1.5之前版本存在代码问题漏洞,该漏洞源于服务端请求伪造,可能导致访问内部网络服务。
CVSS Information
N/A
Vulnerability Type
N/A