CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39339

A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.8%

CVSS Severity

CVSS v3 Score 4.9

References

https://forums.ivanti.com/s/article/Security-patch-release-Ivanti-Policy-Secure-22-6R1

Products affected by CVE-2023-39339

Ivanti » Policy Secure » Version: N/A

cpe:2.3:a:ivanti:policy_secure:-
Ivanti » Policy Secure » Version: 22.1

cpe:2.3:a:ivanti:policy_secure:22.1
Ivanti » Policy Secure » Version: 22.2

cpe:2.3:a:ivanti:policy_secure:22.2
Ivanti » Policy Secure » Version: 22.3

cpe:2.3:a:ivanti:policy_secure:22.3
Ivanti » Policy Secure » Version: 22.4

cpe:2.3:a:ivanti:policy_secure:22.4
Ivanti » Policy Secure » Version: 22.5

cpe:2.3:a:ivanti:policy_secure:22.5
Ivanti » Policy Secure » Version: 22.6

cpe:2.3:a:ivanti:policy_secure:22.6
Ivanti » Policy Secure » Version: 9.0

cpe:2.3:a:ivanti:policy_secure:9.0
Ivanti » Policy Secure » Version: 9.1

cpe:2.3:a:ivanti:policy_secure:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39339

Products

Pricing

Contact Us