all InfoSec news
New Ivanti Zero-Day Vulnerability Allows Hackers to Access Sensitive APIs
Heimdal Security Blog heimdalsecurity.com
Researchers observed a critical Ivanti Sentry API authentication bypass vulnerability exploited in the wild. The flaw was dubbed CVE-2023-38035 and it enables authentication bypass on Ivanti Sentry versions 9.18 and prior, due to improper Apache HTTPD configuration. According to the company, CVE-2023-38035 doesn`t impact any of its other products, such as Ivanti EPMM, MobileIron Cloud […]
The post New Ivanti Zero-Day Vulnerability Allows Hackers to Access Sensitive APIs appeared first on Heimdal Security Blog.
access apache api api authentication apis authentication authentication bypass bypass bypass vulnerability configuration critical cve cybersecurity news exploited flaw hackers httpd impact ivanti products researchers sentry the company vulnerability vulnerability exploited zero-day zero-day vulnerability