all InfoSec news
New Ivanti Connect Secure Zero-Day Exploited by Threat Actors
Security Boulevard securityboulevard.com
Software company Ivanti has recently raised the alarm about two new vulnerabilities impacting its products: Connect Secure, Policy Secure and ZTA gateways. Read on to learn more. Tell me more about the Ivanti zero-days The first of these vulnerabilities, tagged as CVE-2024-21893, is a zero-day flaw that’s currently being actively exploited. This flaw is a server-side request forgery issue in the SAML component of the gateways, which allows attackers to sidestep authentication and gain access to restricted areas on the …
actively exploited alarm blog connect cve cve-2024-21893 exploited flaw gateways ivanti ivanti connect secure learn policy products software threat threat actors vulnerabilities zero-day zero-day flaw zero-days zta