Source |
The Hacker News |
Identifiant |
8372975 |
Date de publication |
2023-08-22 10:15:00 (vue: 2023-08-22 05:06:52) |
Titre |
Ivanti met en garde contre la faille critique du zéro-jour exploitée activement dans le logiciel Sentry Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software |
Texte |
Le fournisseur de services logiciels Ivanti met en garde contre une nouvelle faille de zéro-day critique impactant Ivanti Sentry (anciennement MobileRiron Sentry) qui, selon lui, est activement exploité dans la nature, marquant une escalade de ses problèmes de sécurité.
Suivi comme CVE-2023-38035 (score CVSS: 9.8), le problème a été décrit comme un cas de contournement d'authentification impactant les versions 9.18 et antérieurement en raison de ce qu'elle a appelé un
Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes.
Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue has been described as a case of authentication bypass impacting versions 9.18 and prior due to what it called an |
Envoyé |
Oui |
Condensat |
2023 38035 actively as cve authentication been being bypass called case critical cvss day described due escalation exploited flaw formerly has impacting issue is warning of its ivanti marking mobileiron new prior provider said score: security sentry services software tracked versions warns what wild woes zero |
Tags |
|
Stories |
|
Notes |
★★
|
Move |
|