Hacking News Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways

Hacking News Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways - Printable Version

+- (https://hackmyride.com/forum)
+-- Forum: Automotive Hacking (https://hackmyride.com/forum/forumdisplay.php?fid=211)
+--- Forum: News (https://hackmyride.com/forum/forumdisplay.php?fid=278)
+---- Forum: The Hacker News (https://hackmyride.com/forum/forumdisplay.php?fid=279)
+---- Thread: Hacking News Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways (/showthread.php?tid=13182)

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways - The Hacker News - 02-11-2024

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.
The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system.
"An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti

https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html