IVANTI CONNECT SECURE (ICS) DOS Vulnerability (pre-9.1R14.3/15.2/16.2/22.2)
CVE-2022-35258 Published on December 5, 2022

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

NVD

Weakness Type

Wrap-around Error

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

Products Associated with CVE-2022-35258

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-35258 are published in these products:

Pulse Secure Pulse Connect Secure

Pulse Secure Pulse Policy Secure

Ivanti Connect Secure

Ivanti Policy Secure

Ivanti Neurons For Zero Trust Access

Exploit Probability

EPSS

9.64%

Percentile

92.74%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

IVANTI CONNECT SECURE (ICS) DOS Vulnerability (pre-9.1R14.3/15.2/16.2/22.2)CVE-2022-35258 Published on December 5, 2022

Weakness Type

Wrap-around Error

Products Associated with CVE-2022-35258

Exploit Probability

IVANTI CONNECT SECURE (ICS) DOS Vulnerability (pre-9.1R14.3/15.2/16.2/22.2)
CVE-2022-35258 Published on December 5, 2022