CVE-2023-46805

Severity: HIGH (CVSS 3.1 base score 8.2)
Published: 2024-01-12 (source: [email protected])

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline (4 events, newest first)

Analysis Generated: Mar 26, 2026 - 11:19 (vuln.today)
Added to CISA KEV: Oct 31, 2025 - 21:59 (cisa)
PoC Detected (public exploit code): Oct 31, 2025 - 21:59 (vuln.today)
CVE Published: Jan 12, 2024 - 17:15 (nvd)

Note that the KEV and PoC entries carry the same timestamp to the minute and post-date the CVE by almost two years; they record when this site registered those events, not when they happened. CISA's own catalog lists this CVE as added in January 2024, alongside CVE-2024-21887, and public exploit code was circulating within days of the advisory.

Description

An authentication bypass vulnerability in the web component of Ivanti ICS (Connect Secure) 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

Analysis

Ivanti Connect Secure and Ivanti Policy Secure contain an authentication bypass in the web component that lets an unauthenticated remote attacker reach resources that should require a session. On its own the bug is rated as a confidentiality-high, integrity-low issue (no privileges, no user interaction, network-reachable), but in the wild it was chained with CVE-2024-21887, a command injection in the same web component, to obtain unauthenticated remote code execution on the appliance. Mass exploitation campaigns began in January 2024, which is why the CVE sits in CISA's KEV catalog and carries a priority far above its base score.

Technical Context

The weakness is CWE-287 (improper authentication): crafted HTTP requests to the web component pass the access-control check that is supposed to gate restricted endpoints, so an unauthenticated client can invoke functionality meant for authenticated users. By itself that yields information disclosure and limited state change. Chained with CVE-2024-21887, a command injection reachable once the check is bypassed, it becomes unauthenticated remote code execution on the Ivanti VPN appliance, with attackers then dropping persistent webshells and harvesting credentials.
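The following is an added log-triage example, not code from vuln.today or Ivanti. It looks for the two traits that characterise the chain described above in access logs: a request target that still contains `..` segments (browsers normalise those client-side, so they almost never appear in legitimate traffic) and, for the command-injection half, shell metacharacters inside an `/api/` path. The log lines are constructed, the combined log format is an assumption (your proxy or appliance may log differently, so adapt `LOG_RE`), and the `KNOWN_ENTRY_PREFIX` constant is taken from public analyses of the in-the-wild exploit rather than from this page; verify it against your own telemetry before relying on it.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache combined log format (assumption: the
# logging tier records the raw, un-normalised request target).
SAMPLE_LOG = """\
203.0.113.7 - - [11/Jan/2024:03:12:44 +0000] "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [11/Jan/2024:03:12:45 +0000] "GET /api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection HTTP/1.1" 200 214 "-" "curl/8.4.0"
203.0.113.7 - - [11/Jan/2024:03:12:46 +0000] "GET /api/v1/totp/user-backup-code/../../license/keys-status/;id; HTTP/1.1" 200 190 "-" "curl/8.4.0"
198.51.100.2 - - [11/Jan/2024:03:14:02 +0000] "GET /api/v1/configuration/users/user-roles/user-role HTTP/1.1" 401 0 "-" "python-requests/2.31"
203.0.113.7 - - [11/Jan/2024:03:15:10 +0000] "GET /api/v1/totp/user-backup-code/%2e%2e/%2e%2e/license/keys-status/ HTTP/1.1" 200 190 "-" "curl/8.4.0"
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Unauthenticated entry point reported in public analyses of the chain.
# Assumption to verify locally, not something this advisory page states.
KNOWN_ENTRY_PREFIX = "/api/v1/totp/user-backup-code/"


def decode_path(target):
    """Drop the query string and percent-decode until stable (catches %252e)."""
    path = target.split("?", 1)[0]
    prev = None
    while prev != path:
        prev, path = path, unquote(path)
    return path


def normalize(path):
    """Resolve '.' and '..' segments the way a backend router would."""
    out = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if out:
                out.pop()
            continue
        out.append(seg)
    return "/" + "/".join(out)


def classify(line):
    """Return indicator tags for one access-log line; [] means nothing suspicious."""
    m = LOG_RE.match(line)
    if not m:
        return ["unparsed"]
    raw = decode_path(m["target"])
    tags = []
    if ".." in raw.split("/"):
        tags.append("dot-dot-segment")            # clients normalise these; servers should never see them
        if raw.startswith(KNOWN_ENTRY_PREFIX) and not normalize(raw).startswith(KNOWN_ENTRY_PREFIX):
            tags.append("escapes-unauth-prefix")   # auth-bypass shape: enters via an open path, resolves elsewhere
    if raw.startswith("/api/") and any(c in raw for c in ";|`$"):
        tags.append("shell-metachar-in-path")      # command-injection chaining shape
    if tags and m["status"] == "200":
        tags.append("succeeded")                   # a 200 on a traversal suggests an unpatched appliance
    return tags


def scan(log_text):
    """Return (source_ip, decoded_path, tags) for every line that raised at least one tag."""
    hits = []
    for line in log_text.splitlines():
        tags = classify(line)
        if not tags:
            continue
        m = LOG_RE.match(line)
        hits.append((m["src"] if m else "?", decode_path(m["target"]) if m else line, tags))
    return hits


if __name__ == "__main__":
    for src, path, tags in scan(SAMPLE_LOG):
        print(src, path, ",".join(tags))
```

Treat any `escapes-unauth-prefix` hit with a `succeeded` tag as a probable compromise rather than a blocked probe: on a patched appliance the traversal should not return 200. The metacharacter heuristic is deliberately broad and will fire on some legitimate API values, so review those hits rather than alerting on them blindly.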

Affected Products

Ivanti Connect Secure 9.x and 22.x
Ivanti Policy Secure 9.x and 22.x

Remediation

Apply Ivanti's patches for the affected 9.x and 22.x branches. Because the in-the-wild chain was used to plant persistent webshells, CISA recommends a factory reset of the appliance before patching rather than patching in place. Rotate every credential and secret that lived on or passed through the appliance (local and domain service accounts, certificates and private keys, API tokens), since an attacker with code execution could have harvested them. Run Ivanti's Integrity Checker Tool and treat any reported mismatch as evidence of tampering that sends the device down the reset-and-rebuild path, not as configuration drift. Consider migrating to an alternative VPN solution.

Priority Score

215 (scale: Low / Medium / High / Critical)

Components: KEV +50, EPSS +94.4, CVSS +41, POC +20

The four itemized components sum to 205.4; the page does not itemize the remaining points of the displayed 215.


CVE-2023-46805 vulnerability details – vuln.today
