ГлавнаяУязвимости → CVE-2023-41724
8.8высокая

CVE-2023-41724

→ есть в БДУ: BDU:2024-02177 (на русском)
Описание (на английском; русское — в БДУ выше)

A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.

Затрагиваемое ПО
Ivanti Standalone sentry
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentryhttps://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry