
Start Testing WordPress’ New Interactivity API
Aug 27, 2023Create a Chatbot Trained on Your Own Data via the OpenAI API — SitePoint
Aug 23, 2023World Rhythmic Gymnastics Championships 2023: All final results and medals
Aug 15, 2023Bruins have cap space options with offseason to
Aug 10, 2023Adopting an API Maturity Model to Accelerate Innovation
Jul 26, 2023Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability
A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations.
By
Ivanti’s problems with security defects in its enterprise-facing products are starting to pile up.
The IT software company on Monday shipped urgent patches for a critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product and warned that hackers could exploit the issue to access sensitive API data and configurations.
The vulnerability, tagged as CVE-2023-38035, affects Ivanti Sentry versions 9.18 and prior, and could be exploited by malicious hackers to change configuration, run system commands, or write files onto the system, Ivanti said in an advisory.
“If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal (port 8443, commonly MICS),” the company said.
While the issue carries a 9.8/10 CVSS severity score, Ivanti notes there is low risk of exploitation for enterprise administrations who do not expose port 8443 to the internet.
“Ivanti recommends that customers restrict access to MICS to internal management networks and not expose this to the internet,” the company said.
Ivanti said it was “aware of a limited number of customers impacted by CVE-2023-38035” but it is not yet clear if the issue is being exploited as zero-day in the wild.
Ivanti’s security problems have escalated in recent months with the release of patches for critical flaws in the Avalanche Enterprise MDM Product line, in-the-wild exploitation of vulnerabilities in Ivanti EPMM and documented APT activity targeting Ivanti zero-day flaws.
Related: Ivanti Patches Critical Flaw in Avalanche Enterprise MDM Product
Related: Exploitation of Ivanti EPMM Vulnerability Picking Up
Related: Ivanti Zero-Day Exploited by APT Since at Least April
Related: Second Ivanti EPMM Zero-Day Bug Exploited in Targeted Attacks
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.
Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.
As the SEC cyber incident disclosure rules come into effect, organizations will be forced to seriously consider giving security leaders a seat at the table.(Marc Solomon)
Working remotely is here to stay and businesses should continue to make sure their basic forms of communication are properly configured and secured.(Matt Honea)
The complexity and challenge of distributed cloud environments often necessitate managing multiple infrastructure, technology, and security stacks, multiple policy engines, multiple sets of controls, and multiple asset inventories.(Joshua Goldfarb)
Automated Security Control Assessment enhances security posture by verifying proper, consistent configurations of security controls, rather than merely confirming their existence.(Torsten George)
Context helps complete the picture and results in actionable intelligence that security teams can use to make informed decisions more quickly.(Matt Wilson)
Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...
The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.
Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...
OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...
A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...
The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...
A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...
The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.
Ivanti’s problems with security defects in its enterprise-facing products are starting to pile up.Related: Related:Related:Related:
