CVE-2023-46805
Description
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
- CVSS Version 3.1
- CVSS Version 3.0
CVE ID: CVE-2023-46805
Base Score: 8.2
Base Severity: HIGH
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Impact Score: 4.2
Exploitability Score: 3.9
CVE ID: CVE-2023-46805
Base Score: 8.2
Base Severity: HIGH
Vector String:CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Proof Of Concept
Nuclei Templates for CVE-2023-46805
Refrence: Project Discovery GitHub
yoryio
Scanner for CVE-2023-46805 - Ivanti Connect Secure
Refrence: GitHub
cbeek-r7
Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices
Refrence: GitHub
duy-31
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Refrence: GitHub
raminkarimkhani1996
The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.
Refrence: GitHub
seajaysec
Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.
Refrence: GitHub
Chocapikk
Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research
Refrence: GitHub
mickdec
Refrence: GitHub
w2xim3
CVE-2023-46805 Ivanti POC RCE - Ultra fast scanner.
Refrence: GitHub