cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8540,https://securityvulnerability.io/vulnerability/CVE-2024-8540,Insecure Permission Vulnerability in Ivanti Sentry Products,"The vulnerability identified in Ivanti Sentry allows local authenticated attackers to exploit insecure permissions within the application. Specifically, versions prior to 9.20.2, 10.0.2, and 10.1.0 are affected, making it possible for these attackers to modify sensitive application components. This flaw underscores the importance of strict permission settings and access controls in software applications to protect against potential misuse.",Ivanti,Sentry,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T19:15:00.000Z,0
CVE-2023-41724,https://securityvulnerability.io/vulnerability/CVE-2023-41724,Unauthenticated Command Injection Vulnerability in Ivanti Sentry,"The command injection vulnerability in Ivanti Sentry prior to version 9.19.0 poses a significant risk by allowing unauthenticated threat actors to execute arbitrary commands on the underlying operating system of the appliance. This vulnerability can be exploited from within the same physical or logical network, leading to potential unauthorized access and system compromise. It is essential for organizations using Ivanti Sentry to apply necessary updates and follow security best practices to mitigate risks associated with this vulnerability.",Ivanti,Sentry,8.8,HIGH,0.00046999999904073775,false,,true,false,false,,,false,false,,2024-03-31T01:45:42.684Z,0
CVE-2023-38035,https://securityvulnerability.io/vulnerability/CVE-2023-38035,Authentication Bypass Vulnerability in Ivanti MobileIron Sentry Admin Portal,"A vulnerability exists in the administrative interface of the Ivanti MobileIron Sentry, specifically in the MICS Admin Portal. This flaw arises from an insufficiently restrictive configuration of the Apache HTTPD server, potentially allowing attackers to circumvent authentication measures. Successful exploitation of this vulnerability could lead to unauthorized access to sensitive administrative functions, posing significant risks to system integrity and data security.",Ivanti,MobileIron Sentry,9.8,CRITICAL,0.9719200134277344,true,2023-08-22T00:00:00.000Z,true,true,true,2023-08-22T00:00:00.000Z,true,false,false,,2023-08-21T17:15:00.000Z,0