Auth Bypass in Ivanti PolicySecure Web Com (CVE-2023-46805)
CVE-2023-46805 Published on January 12, 2024
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Known Exploited Vulnerability
This Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allows an attacker to access restricted resources by bypassing control checks. This vulnerability can be leveraged in conjunction with CVE-2024-21887, a command injection vulnerability.
The following remediation steps are recommended / required by January 31, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Products Associated with CVE-2023-46805
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-46805 are published in these products:
Affected Versions
Ivanti ICS:- Version 9.1R18, <= 9.1R18 is affected.
- Version 22.6R2, <= 22.6R2 is affected.
- Version 9.1R18, <= 9.1R18 is affected.
- Version 22.6R1, <= 22.6R1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.