CNNVD-202509-1378 Information
CNNVD ID
CNNVD-202509-1378
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Ivanti Connect Secure(ICS)等都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure(IPS)是一个网络访问控制 (NAC) 解决方案。Ivanti Neurons是一款开创性的平台,能简化和自动化IT系统。 Ivanti多款产品存在安全漏洞,该漏洞源于未检查返回值,可能导致拒绝服务。以下产品及版本受到影响:Ivanti Connect Secure 22.7R2.9之前版本和22.8R2之前版本、Ivanti Policy Secure 22.7R1.6之前版本、Ivanti ZTA Gateway 2.8R2.3-723之前版本和Ivanti Neurons for Secure Access 22.8R1.4之前版本。
Description (English)
Ivanti Connect Security (ICS) and others are products of the American company Ivanti. Ivanti Contact Security is a secure remote network connection tool. Ivanti Policy Security is a web access control (NAC) solution. Ivanti Neurons is a ground-breaking platform that can simplify and automate IT systems. There was a safety gap in the Ivanti product, which stemmed from the failure to check the return value and could lead to the denial of services. The following products and versions were affected: the previous version of Ivanti Contact 22.7R2.9 and the previous version of 22.8R2, the previous version of Ivanti Policy 22.7R.1.6, the previous version of Ivanti ZTA Gateway 2.8R2.3-723 and the previous version of Ivanti Neurons for Security 22.8R1.4.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Ivanti
Published
2025-09-09
Last Modified
2026-02-24
References
https://forums.ivanti.com/s/article/September-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-and-Neurons-for-Secure-Access-Multiple-CVEs?language=en_US https://vigilance.fr/vulnerability/Ivanti-Connect-Secure-multiple-vulnerabilities-dated-09-09-2025-48180