Security News > 2024 > March > Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
![Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability](/static/build/img/news/ivanti-releases-urgent-fix-for-critical-sentry-rce-vulnerability-medium.jpg)
2024-03-21 03:55
Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats. Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6. "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance
News URL
https://thehackernews.com/2024/03/ivanti-releases-urgent-fix-for-critical.html
Related news
- VMware fixes critical vCenter RCE vulnerability, patch now (source)
- Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool (source)
- PHP fixes critical RCE flaw impacting all versions for Windows (source)
- Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability (source)
- Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) (source)
- Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed (source)
- Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application (source)
- GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others (source)
- New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems (source)
- Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-31 | CVE-2023-41724 | Command Injection vulnerability in Ivanti Standalone Sentry A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. | 8.8 |