A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.
References
Link | Resource |
---|---|
https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2024-03-31T01:45:42.684Z
Updated: 2024-03-31T01:45:42.684Z
Reserved: 2023-08-31T01:00:11.771Z
Link: CVE-2023-41724
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-03-31T02:15:07.660
Modified: 2024-04-01T15:31:21.150
Link: CVE-2023-41724
JSON object: View
Redhat Information
No data.
CWE