Researchers observed a critical Ivanti Sentry API authentication bypass vulnerability exploited in the wild. The flaw was dubbed CVE-2023-38035 and it enables authentication bypass on Ivanti Sentry versions 9.18 and prior, due to improper Apache HTTPD configuration. According to the company, CVE-2023-38035 doesn`t impact any of its other products, such as Ivanti EPMM, MobileIron Cloud […]
The post New Ivanti Zero-Day Vulnerability Allows Hackers to Access Sensitive APIs appeared first on Heimdal Security Blog.