CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-39340

A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.4%

CVSS Severity

CVSS v3 Score 7.5

References

https://forums.ivanti.com/s/article/Security-fix-release-Ivanti-Connect-Secure-22-6R2-and-22-6R2-1?language=en_US
https://forums.ivanti.com/s/article/Security-fix-release-Ivanti-Connect-Secure-22-6R2-and-22-6R2-1?language=en_US

Products affected by CVE-2023-39340

Ivanti » Connect Secure » Version: 22.1

cpe:2.3:a:ivanti:connect_secure:22.1
Ivanti » Connect Secure » Version: 22.2

cpe:2.3:a:ivanti:connect_secure:22.2
Ivanti » Connect Secure » Version: 22.3

cpe:2.3:a:ivanti:connect_secure:22.3
Ivanti » Connect Secure » Version: 22.4

cpe:2.3:a:ivanti:connect_secure:22.4
Ivanti » Connect Secure » Version: 22.5

cpe:2.3:a:ivanti:connect_secure:22.5
Ivanti » Connect Secure » Version: 22.6

cpe:2.3:a:ivanti:connect_secure:22.6
Ivanti » Connect Secure » Version: 9.1

cpe:2.3:a:ivanti:connect_secure:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39340

Products

Pricing

Contact Us