all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild

Add to bookmarks
Aug. 22, 2023, 6:32 p.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild

For the third time in a month, Ivanti discloses a zero-day vulnerability in one of its products that has been exploited in the wild


Background


On August 21, Ivanti published an advisory for a critical vulnerability in Ivanti Sentry, formerly known as MobileIron Sentry, a secure mobile gateway that is part of Ivanti’s unified endpoint management (UEM) platform.







CVEDescriptionCVSSv3Severity
CVE-2023-38035Ivanti Sentry API Authentication Bypass …

advisory api api authentication august authentication authentication bypass bypass critical critical vulnerability cve exploited ivanti products sentry third vulnerability zero-day zero-day vulnerability

Visit resource

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 5 days, 23 hours ago | www.tenable.com
adaptive security arcanedoor blog called +15
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 1 week, 1 day ago | www.tenable.com
advisory april crushftp customers +23
Oracle April 2024 Critical Patch Update Addresses 239 CVEs 2 weeks ago | www.tenable.com
addresses april cpu critical +12
CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild 2 weeks, 5 days ago | www.tenable.com
alto april attacks command +25
Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) 3 weeks, 1 day ago | www.tenable.com
addresses april critical critical vulnerabilities +13
Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils 1 month ago | www.tenable.com
CVE-2023-48788: Critical Fortinet FortiClientEMS SQL Injection Vulnerability 1 month, 2 weeks ago | www.tenable.com
address advisory arbitrary code attacker +20
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407) 1 month, 2 weeks ago | www.tenable.com
CVE-2024-27198, CVE-2024-27199: Two Authentication Bypass Vulnerabilities in JetBrains TeamCity 1 month, 3 weeks ago | www.tenable.com

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs