all InfoSec news
CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild
Cyber Exposure Alerts www.tenable.com
For the third time in a month, Ivanti discloses a zero-day vulnerability in one of its products that has been exploited in the wild
Background
On August 21, Ivanti published an advisory for a critical vulnerability in Ivanti Sentry, formerly known as MobileIron Sentry, a secure mobile gateway that is part of Ivanti’s unified endpoint management (UEM) platform.
CVE | Description | CVSSv3 | Severity |
---|---|---|---|
CVE-2023-38035 | Ivanti Sentry API Authentication Bypass … |
advisory api api authentication august authentication authentication bypass bypass critical critical vulnerability cve exploited ivanti products sentry third vulnerability zero-day zero-day vulnerability