CNNVD-202507-1017 Information
CNNVD ID
CNNVD-202507-1017
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Ivanti Connect Secure(ICS)和Ivanti Policy Secure(IPS)都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure是一个网络访问控制 (NAC) 解决方案。 Ivanti Connect Secure 22.7R2.8之前版本和Ivanti Policy Secure 22.7R1.5之前版本存在安全漏洞,该漏洞源于证书管理组件访问控制不当,可能导致设置被修改。
Description (English)
Ivanti Contact Security (ICS) and Ivanti Policy Security (IPS) are all products of the United States company Ivanti. Ivanti Contact Security is a secure remote network connection tool. Ivanti Policy Security is a web access control (NAC) solution. There is a security loophole in previous versions of Ivanti Connect Security 22.7R2.8 and before Ivanti Policy 22.7R1.5, which stems from inadequate access controls of the certificate management component, which may lead to changes in settings.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
iWT
Published
2025-07-08
Last Modified
2026-02-24
References
https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs https://access.redhat.com/security/cve/cve-2025-5450