#CVE20247593

Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager

by

August 14, 2024 at 06:57AM Ivanti announced patches for eight vulnerabilities in Neurons for ITSM, Avalanche, and Virtual Traffic Manager, including two critical-severity flaws. The patches address security defects, such as information disclosure and improper certificate validation, and are available for download. Ivanti recommends customers upgrade to the patched versions to mitigate potential risks. Based … Read more

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access

by

August 14, 2024 at 02:03AM Ivanti has released security updates for a critical flaw in Virtual Traffic Manager (vTM) that could allow an authentication bypass and the creation of rogue administrative users. The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8. Additionally, Ivanti has addressed other vulnerabilities in Neurons for ITSM and Ivanti … Read more

Critical Ivanti vTM Bug Allows Unauthorized Admin Access

by

August 13, 2024 at 04:34PM Ivanti has addressed a critical vulnerability in its Virtual Traffic Manager (vTM) related to an authentication algorithm, with a major potential impact. While no attacks have been observed, a proof-of-concept exploit is publicly available. Ivanti has provided patches and recommends limiting vTM access to trusted IP addresses to reduce the … Read more

Ivanti warns of critical vTM auth bypass with public exploit

by

August 13, 2024 at 11:31AM Ivanti urged customers to patch critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances. The flaw, tracked as CVE-2024-7593, allows remote unauthenticated attackers to create rogue administrator accounts. Ivanti advises restricting access to vTM management interface and upgrading to the latest patched versions to mitigate the risk. Key … Read more