top of page

Ivanti ICS and Ivanti Policy Secure Security Bypass (CVE-2023-46805)



Application Details

Ivanti Connect Secure (ICS) is a secure access product which offers secure connection between remote users and their organisation’s wider network.


Ivanti Policy Secure (IPS) is a network access control (NAC) solution which provides network access only to authorised and secured users and devices.


Vulnerability

Ivanti Connect Secure (formerly Pulse Secure) and Ivanti Policy Secure gateways could allow a remote attacker to bypass security restrictions, caused by an authentication bypass vulnerability in the web component.


Identification

By bypassing control checks, an attacker could exploit this vulnerability to access restricted resources.

GET /api/v1/totp/user-backup-code/../../system/system-information

Detection

By turning this into a traffic file and matching rule, we are able to detect attempts by unauthenticated attackers to bypass security restrictions.


Coverage

Idappcom has created signature 8024541 along with a traffic file for this vulnerability.


References


Traffic IQ

If you are concerned that your business may be at risk of this vulnerability, or others, why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional

bottom of page