Application Details
Ivanti Connect Secure (ICS) is a secure access product which provides a secure connection between remote users and their organisation’s wider network.
Ivanti Policy Secure (IPS) is a network access control (NAC) solution which provides network access only to authorised and secured users and devices.
Vulnerability
Ivanti Connect Secure (formerly Pulse Secure) and Ivanti Policy Secure gateways could allow a remote attacker to bypass security restrictions, caused by an authentication bypass vulnerability in the web component.
Identification
By bypassing control checks, an attacker could exploit this vulnerability to access restricted resources, as in the following request:
GET /api/v1/totp/user-backup-code/../../system/system-information
Detection
By turning this request into a traffic file and a matching rule, we are able to detect attempts by unauthenticated attackers to bypass security restrictions.
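The same matching idea applied to web access logs, as an added example (this is not Idappcom's signature 8024541 or its traffic file): it flags requests addressed under the path prefix shown above that resolve outside that prefix once percent-encoding and dot segments are normalised. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote

# Path prefix taken from the request shown on this page.
PREFIX = "/api/v1/totp/user-backup-code"

# Request line of a combined-format access log entry (log format is an assumption).
LOG_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample log lines; addresses are from documentation ranges.
SAMPLE_LOG = """\
198.51.100.23 - - [12/Jan/2024:09:14:02 +0000] "GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1" 200 431
198.51.100.23 - - [12/Jan/2024:09:14:05 +0000] "GET /api/v1/totp/user-backup-code/%2e%2e/%2e%2e/system/system-information HTTP/1.1" 200 431
192.0.2.10 - - [12/Jan/2024:09:15:40 +0000] "GET /api/v1/totp/user-backup-code HTTP/1.1" 401 0
192.0.2.11 - - [12/Jan/2024:09:16:11 +0000] "GET /index.html HTTP/1.1" 200 1024
"""


def escapes_prefix(target: str) -> bool:
    """True if a request addressed under PREFIX resolves to a path outside it."""
    path = re.split(r"[?#]", target, maxsplit=1)[0]   # drop query and fragment
    for _ in range(2):                                # second pass catches double encoding
        path = unquote(path)
    path = re.sub(r"/+", "/", path.replace("\\", "/"))
    if not path.startswith(PREFIX + "/"):
        return False
    resolved = posixpath.normpath(path)               # collapses "." and ".." segments
    return resolved != PREFIX and not resolved.startswith(PREFIX + "/")


def scan(log_text: str) -> list[tuple[str, str]]:
    """Return (source address, raw request target) for every flagged line."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and escapes_prefix(m.group("target")):
            hits.append((m.group("src"), m.group("target")))
    return hits


if __name__ == "__main__":
    for src, target in scan(SAMPLE_LOG):
        print(f"ALERT traversal out of {PREFIX}: {src} -> {target}")
```

Comparing the normalised path rather than the raw string keeps the rule from depending on one exact spelling of the request.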
Coverage
Idappcom has created signature 8024541 along with a traffic file for this vulnerability.
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability, or others, why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional