CVE-2024-38648 Information

Description

A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials.

Reference

https://forums.ivanti.com/s/article/SA-2024-07-12-CVE-2024-38648

Related CNNVD

CNNVD-202507-1708 (Published: 2025-07-12)