CVE-2022-35258

Published: Dec 5, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

Vendor	Product	Versions
n/a	Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Neurons for Zero Trust Access Gateway	affected `ICS Prior to 9.1R14.3,9.1R15.2,9.1R16.2 and 22.2R4, IPS Prior to 9.1R17 and 22.3R1, Ivanti Neurons for Zero Trust Access Gateway Prior to 22.3R1`

Weaknesses (CWE)

CWE-128

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-35258

Description

Affected Products

Weaknesses (CWE)

References