CNNVD-202509-1383 Information
CNNVD ID
CNNVD-202509-1383
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Ivanti Connect Secure(ICS)等都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure(IPS)是一个网络访问控制 (NAC) 解决方案。Ivanti Neurons是一款开创性的平台,能简化和自动化IT系统。 Ivanti多款产品存在安全漏洞,该漏洞源于缺少授权可能导致配置身份验证相关设置。以下产品及版本受到影响:Ivanti Connect Secure 22.7R2.9之前版本和22.8R2之前版本、Ivanti Policy Secure 22.7R1.6之前版本、Ivanti ZTA Gateway 2.8R2.3-723之前版本和Ivanti Neurons for Secure Access 22.8R1.4之前版本。
Description (English)
Ivanti Connect Security (ICS) and others are products of the American company Ivanti. Ivanti Contact Security is a secure remote network connection tool. Ivanti Policy Security is a web access control (NAC) solution. Ivanti Neurons is a ground-breaking platform that can simplify and automate IT systems. There is a safety gap in a number of Ivanti products, which stems from a lack of authorization that may lead to the configuration of the relevant authentication settings. The following products and versions were affected: the previous version of Ivanti Contact 22.7R2.9 and the previous version of 22.8R2, the previous version of Ivanti Policy 22.7R.1.6, the previous version of Ivanti ZTA Gateway 2.8R2.3-723 and the previous version of Ivanti Neurons for Security 22.8R1.4.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Ivanti
Published
2025-09-09
Last Modified
2026-02-24
References
https://forums.ivanti.com/s/article/September-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-and-Neurons-for-Secure-Access-Multiple-CVEs?language=en_US https://vigilance.fr/vulnerability/Ivanti-Connect-Secure-multiple-vulnerabilities-dated-09-09-2025-48180