Software company Ivanti has recently raised the alarm about two new vulnerabilities impacting its products: Connect Secure, Policy Secure and ZTA gateways. Read on to learn more. Tell me more about the Ivanti zero-days The first of these vulnerabilities, tagged as CVE-2024-21893, is a zero-day flaw that’s currently being actively exploited. This flaw is a server-side request forgery issue in the SAML component of the gateways, which allows attackers to sidestep authentication and gain access to restricted areas on the affected devices. The ... Read More
The post New Ivanti Connect Secure Zero-Day Exploited by Threat Actors appeared first on Nuspire.
The post New Ivanti Connect Secure Zero-Day Exploited by Threat Actors appeared first on Security Boulevard.
Team Nuspire
Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/02/new-ivanti-connect-secure-zero-day-exploited-by-threat-actors/